Mnoho procesů, havěť?
Napsal: 18 pro 2018 22:22
Zdravíčko, poslední dobou notebooku nějak všecko trvá a hlavně mě překvapilo, že procesy typu csrss.exe dwm.exe logonui, winlogon jedou ve více jak 10 kopiích toho samého procesu - to předtím nebývalo. Můžete prosím mrknout, zda se usídlila ve stroji nějaká potvora? Díky!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by admin (administrator) on KACER (18-12-2018 22:13:54)
Running from C:\Users\Josif\Desktop
Loaded Profiles: Petr & admin & UpdatusUser (Available Profiles: Petr & admin & UpdatusUser & Administrator & Guest)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-12] (AVAST Software)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2014-03-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3750208 2018-08-28] (Dropbox, Inc.)
HKLM\...\RunOnce: [*Restore] => C:\WINDOWS\System32\rstrui.exe [273920 2014-11-21] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [CoreTemp.{2CB63EF0-592C-401B-81E1-1264D2A22854}] => "C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{2CB63EF0-592C-401B-81E1-1264D2A22854}\NVI2.DLL",Resume C:\Program Files\NVIDIA Corporation\Installer2\insta (the data entry has 53 more characters).
HKLM-x32\...\RunOnce: [CoreTemp.{EF5B3817-1E38-4C69-9C33-65B9A250057F}] => "C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{EF5B3817-1E38-4C69-9C33-65B9A250057F}\NVI2.DLL",Resume C:\Program Files\NVIDIA Corporation\Installer2\insta (the data entry has 53 more characters).
HKLM-x32\...\RunOnce: [{6095CEB1-C07E-4EA7-9ADC-333B6E617B46}] => cmd.exe /C start /D "C:\Users\admin\AppData\Local\Temp\{6095CEB1-C07E-4EA7-9ADC-333B6E617B46}" /B {AE5912C9-0D68-430C-A415-46D1F7B38CA7}.exe -accepteula -accepteulaksn -postboot <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18F933EA-C684-4CB7-9067-3C5A1AB5690E}: [DhcpNameServer] 79.98.72.27 8.8.8.8
Tcpip\..\Interfaces\{720AE84B-BA74-48BA-8156-B1A41B32200C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
URLSearchHook: [S-1-5-21-3756156275-3785935927-1959247443-1011] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1002 -> DefaultScope {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1002 -> {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1006 -> DefaultScope {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1006 -> {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-14] (AVAST Software)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-14] (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
FireFox:
========
FF DefaultProfile: F861DC2F.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\F861DC2F.default [2018-12-12]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\F861DC2F.default\Extensions\wrc@avast.com.xpi [2018-08-12]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3756156275-3785935927-1959247443-1006: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-12] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-12] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-08] (Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-08-28] (Dropbox, Inc.)
R3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-06-22] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2014-03-19] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-11-08] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-11-08] (Microsoft Corporation)
S2 NewServiceInstall1; "C:\Program Files (x86)\SDL International\T2007\TT\Lng\Dialogs1031.lng" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465640 2018-08-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-12] (AVAST Software)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2014-03-19] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12528 2018-09-24] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-11-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-11-08] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-11-08] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-18 22:03 - 2018-12-18 22:04 - 000032158 _____ C:\Users\Josif\Desktop\Addition.txt
2018-12-18 22:01 - 2018-12-18 22:14 - 000019945 _____ C:\Users\Josif\Desktop\FRST.txt
2018-12-18 22:01 - 2018-12-18 22:13 - 000000000 ____D C:\FRST
2018-12-18 22:00 - 2018-12-18 22:00 - 002417152 _____ (Farbar) C:\Users\Josif\Desktop\FRST64.exe
2018-12-18 21:46 - 2018-12-18 21:54 - 838848651 _____ C:\Users\Josif\Downloads\Vikings.S05E13.720p.HDTV.x264-AVS.mkv
2018-12-18 21:45 - 2018-12-18 21:45 - 000028801 _____ C:\Users\Josif\Downloads\Vikings-5x13.zip
2018-12-12 22:28 - 2018-12-12 22:28 - 000000000 ____D C:\Users\Josif\Desktop\Původní data aplikace Firefox
2018-12-12 18:19 - 2018-12-12 18:19 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\32374371.sys
2018-12-11 20:50 - 2018-12-11 21:03 - 1949414008 _____ C:\Users\Josif\Downloads\Spojenci (2016) CZ dabing.mkv
2018-12-09 20:20 - 2018-12-09 20:22 - 156776480 _____ C:\Users\Josif\Downloads\The.Big.Bang.Theory.S12E10.HDTV.x264-SVA.mkv
2018-12-09 20:20 - 2018-12-09 20:20 - 000022748 _____ C:\Users\Josif\Downloads\The.Big.Bang.Theory.S12E10.zip
2018-12-09 20:03 - 2018-12-09 20:10 - 726545156 _____ C:\Users\Josif\Downloads\Vikings.S05E12.Murder.Most.Foul.720p.AMZN.WEB-DL.DDP5.1.H.264-MZABI.mkv
2018-12-09 19:57 - 2018-12-09 20:04 - 847797935 _____ C:\Users\Josif\Downloads\vikings.s05e11.720p.web.h264-convoy.mkv
2018-12-09 19:56 - 2018-12-09 19:56 - 000028884 _____ C:\Users\Josif\Downloads\Vikings-5x12.zip
2018-12-09 19:56 - 2018-12-09 19:56 - 000014530 _____ C:\Users\Josif\Downloads\Vikings-5x11.zip
2018-12-09 18:10 - 2018-12-09 18:10 - 008918119 _____ C:\Users\Josif\Downloads\nemesis-deck-game.pdf
2018-12-09 18:09 - 2018-12-09 18:10 - 055677157 _____ C:\Users\Josif\Downloads\nemesis-wallpapers(1).zip
2018-11-25 14:44 - 2018-11-25 14:51 - 207807728 _____ C:\Users\Josif\Downloads\disenchantment.s01e09.web.x264-strife.mkv
2018-11-25 14:44 - 2018-11-25 14:51 - 205659110 _____ C:\Users\Josif\Downloads\disenchantment.s01e10.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:56 - 231392468 _____ C:\Users\Josif\Downloads\disenchantment.s01e05.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:56 - 191334631 _____ C:\Users\Josif\Downloads\disenchantment.s01e04.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:52 - 327561517 _____ C:\Users\Josif\Downloads\disenchantment.s01e08.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:52 - 287226540 _____ C:\Users\Josif\Downloads\disenchantment.s01e07.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:52 - 221440127 _____ C:\Users\Josif\Downloads\disenchantment.s01e06.web.x264-strife.mkv
2018-11-25 14:37 - 2018-11-25 14:47 - 230119183 _____ C:\Users\Josif\Downloads\disenchantment.s01e02.web.x264-strife.mkv
2018-11-25 14:37 - 2018-11-25 14:40 - 275529901 _____ C:\Users\Josif\Downloads\disenchantment.s01e03.web.x264-strife.mkv
2018-11-25 14:37 - 2018-11-25 14:37 - 000140445 _____ C:\Users\Josif\Downloads\disenchantment-subtitles-cz-1.zip
2018-11-25 14:36 - 2018-11-25 14:42 - 351433096 _____ C:\Users\Josif\Downloads\disenchantment.s01e01.web.x264-strife.mkv
2018-11-25 14:35 - 2018-11-25 14:35 - 000013902 _____ C:\Users\Josif\Downloads\disenchantment.s01e01.web.x264-strife.zip
2018-11-22 22:33 - 2018-12-12 19:53 - 000001632 _____ C:\Users\Josif\Desktop\fcb.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-18 22:05 - 2017-11-08 18:12 - 000000000 ____D C:\Users\Josif\AppData\Local\ClassicShell
2018-12-18 21:37 - 2017-11-08 18:12 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3756156275-3785935927-1959247443-1002
2018-12-18 21:34 - 2017-11-08 18:34 - 000000000 ____D C:\Users\Josif\AppData\LocalLow\Mozilla
2018-12-17 17:58 - 2017-11-08 18:33 - 000000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-17 17:58 - 2017-11-08 18:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-12 22:49 - 2017-11-08 18:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-12 22:48 - 2017-11-08 19:00 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-12 22:38 - 2017-11-08 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-12 18:58 - 2018-09-16 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-12 18:19 - 2018-09-16 20:44 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-12-09 20:06 - 2014-11-21 05:53 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-09 20:06 - 2014-11-21 05:10 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-09 20:06 - 2014-11-21 05:10 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-09 20:06 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-12-09 18:38 - 2014-11-08 20:32 - 000000000 ____D C:\Ultima Online 2D
2018-11-29 21:53 - 2017-06-13 23:55 - 000000000 ____D C:\Users\Josif\Desktop\txt
==================== Files in the root of some directories =======
2018-01-02 08:26 - 2018-01-02 08:26 - 000000096 _____ () C:\Users\admin\AppData\Roaming\version2.xml
2017-11-08 13:13 - 2017-11-08 13:13 - 000013642 _____ () C:\Users\admin\AppData\Local\HWVendorDetection.log
2018-03-04 10:15 - 2018-10-14 18:29 - 000007600 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-29 18:12
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by admin (18-12-2018 22:14:34)
Running from C:\Users\Josif\Desktop
Windows 8.1 (Update) (X64) (2017-11-08 16:36:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-3756156275-3785935927-1959247443-1006 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3756156275-3785935927-1959247443-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3756156275-3785935927-1959247443-501 - Limited - Disabled) => C:\Users\Guest
Petr (S-1-5-21-3756156275-3785935927-1959247443-1002 - Limited - Enabled) => C:\Users\Josif
UpdatusUser (S-1-5-21-3756156275-3785935927-1959247443-1011 - Limited - Enabled) => C:\Users\UpdatusUser.kAcer
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Registration (HKLM\...\{64E785C9-B1F9-4889-B199-5FFC69224C60}) (Version: 2.00.3006 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
calibre 64bit (HKLM\...\{3E7334AB-3B64-4CD0-8DAC-817FF56AED7E}) (Version: 3.12.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Diablo II CZ verze 1.13c (HKLM-x32\...\{F380060E-D8AC-4823-91B8-71B9054C8DD2}_is1) (Version: 1.13c - )
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 56.4.94 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.5 - CEWE Stiftung u Co. KGaA)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.12 - PandoraTV)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Lingea Lexicon 5 (HKLM-x32\...\Lexicon5) (Version: - Lingea s.r.o.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MKVToolNix 26.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 26.0.0 - Moritz Bunkus)
Mortal Kombat Komplete Edition (HKLM-x32\...\Mortal Kombat Komplete Edition_is1) (Version: - Warner Bros. Interactive Entertainment)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
QIP 2012 4.0.9340 (HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\QIP 2012) (Version: 4.0.9340 - )
QIP Internet Guardian (HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\QipGuard) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SDLX (HKLM-x32\...\{36E71ED6-AC20-4AED-8C51-0030EE7FB55B}) (Version: 9.2.7035 - SDL International) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1240 - SUPERAntiSpyware.com)
This War of Mine - Anniversary Edition verze 3.0.2 (HKLM-x32\...\{33C6B10A-EE07-4AFB-8545-ED50AA95D5F4}_is1) (Version: 3.0.2 - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.0 - Unified Intents AB)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3756156275-3785935927-1959247443-1006_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-01-25] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-01-25] (Qualcomm Atheros Commnucations)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {070B4985-F4EE-45D0-9FA8-6CB3531804C3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Josif\Downloads\adwcleaner_7.1.0.0.exe
Task: {15D3F501-5B7F-4EE0-B7DB-27E9A4586673} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {33A1D1E4-2CB9-4359-AE24-612ADBB0FA45} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {34A81390-DE1B-47A6-B6CB-937507BB1F21} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software)
Task: {4AD294E0-02BD-40D8-8292-3F88942845F6} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\52971980\D\UpgradeDownload.exe [2017-11-08] ()
Task: {659E9D8E-172D-450B-9754-DED4217658D7} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {856A26E0-E402-45A1-8D3C-7B55EE1EC84D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {896ABBD2-E3CB-44C7-B153-B8A73C257CEB} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated)
Task: {A8933FD3-5600-4CB4-B885-0B6BD2584CA6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {BDFB6F68-F204-4CB2-B98E-0313138CF8B2} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {CAC7A49E-A40C-4675-9177-5652B9709786} - System32\Tasks\GREGTask => C:\Program Files\Acer\Acer Registration\GREGLauncher.exe [2013-01-12] ()
Task: {D0FD853F-81ED-4B91-B1BB-5C97641F2EA0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {D6304E69-1A30-4637-A4AB-A76B2C141AD9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-16] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\admin\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
==================== Loaded Modules (Whitelisted) ==============
2018-02-11 22:52 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-25 08:09 - 2013-01-25 08:09 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 08:05 - 2013-01-25 08:05 - 000084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 08:12 - 2013-01-25 08:12 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-19 04:13 - 2012-06-25 18:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2018-04-29 11:30 - 2018-04-29 11:30 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-12 11:10 - 2018-08-12 11:10 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-12 11:09 - 2018-08-12 11:09 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90140185.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90140185.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\kmpmedia.net -> hxxp://player.kmpmedia.net
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2018-11-16 19:06 - 000000937 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 player.kmpmedia.net
127.0.0.1 log.kmplayer.com
127.0.0.1 cdn.kmplayer.com
127.0.0.1 cdn.pandora.tv
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img5.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{769925D5-E3C3-4CD4-8266-41A8DC4DFB70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D325BFF2-FB1C-4CA8-867F-C6AC1334DE9A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0C862F16-214D-460A-AAEE-429FFC4FEDC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6468313F-6959-4FF0-A4AF-031D0E3BE06A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{205D23FA-7B3D-4688-8EBA-08841686D0D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2F5D34DB-71FA-4CBA-A117-B8F8BD5FDE46}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{EE4CAB8E-2764-4BBF-A06A-B5124E187219}C:\ultima online 2d\injection\uoam\uoam.exe] => (Allow) C:\ultima online 2d\injection\uoam\uoam.exe
FirewallRules: [UDP Query User{0B973455-A25B-407C-B02F-DD411A0E0E56}C:\ultima online 2d\injection\uoam\uoam.exe] => (Allow) C:\ultima online 2d\injection\uoam\uoam.exe
FirewallRules: [TCP Query User{07E3D6DD-31F6-4076-B761-E27D3895D38B}C:\program files (x86)\qip 2012\qip.exe] => (Allow) C:\program files (x86)\qip 2012\qip.exe
FirewallRules: [UDP Query User{19EDDA98-65F8-4810-91E0-CED5B159EF3A}C:\program files (x86)\qip 2012\qip.exe] => (Allow) C:\program files (x86)\qip 2012\qip.exe
FirewallRules: [TCP Query User{9C4F7783-F4B5-4BEC-AFC7-CA08EC0EFB74}C:\hry\openlierox\openlierox.exe] => (Block) C:\hry\openlierox\openlierox.exe
FirewallRules: [UDP Query User{9EA294C7-1311-4932-B28F-B17AB8129F3A}C:\hry\openlierox\openlierox.exe] => (Block) C:\hry\openlierox\openlierox.exe
FirewallRules: [TCP Query User{257FF1AE-1DA4-4F4C-B9FB-448E0FA649D2}C:\hry\quake 3 arena cd\quake3\quake3.exe] => (Allow) C:\hry\quake 3 arena cd\quake3\quake3.exe
FirewallRules: [UDP Query User{79F8FE35-D8A5-4B39-8938-15B46AAEFC7D}C:\hry\quake 3 arena cd\quake3\quake3.exe] => (Allow) C:\hry\quake 3 arena cd\quake3\quake3.exe
FirewallRules: [TCP Query User{7A1B505A-C6FC-428D-BBEE-5E3D365D2DA1}C:\hry\diablo 2\game.exe] => (Allow) C:\hry\diablo 2\game.exe
FirewallRules: [UDP Query User{73E526BB-F4E9-485C-BD07-F8ADB4333E86}C:\hry\diablo 2\game.exe] => (Allow) C:\hry\diablo 2\game.exe
FirewallRules: [TCP Query User{1011C605-86F7-4667-88B6-18A85220B8AE}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe
FirewallRules: [UDP Query User{85854994-0DFD-4E15-8A4D-A64F73F22AC4}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe
FirewallRules: [TCP Query User{7797A497-6FA4-4CA0-811F-C46000D91E58}C:\users\josif\downloads\utorrent\utorrent.exe] => (Allow) C:\users\josif\downloads\utorrent\utorrent.exe
FirewallRules: [UDP Query User{99AB3894-4B03-495C-8DFB-F8AF18872EFF}C:\users\josif\downloads\utorrent\utorrent.exe] => (Allow) C:\users\josif\downloads\utorrent\utorrent.exe
FirewallRules: [TCP Query User{67D22A15-70C2-4958-AD5B-AA7758FF2650}C:\program files (x86)\calibre\calibre.exe] => (Allow) C:\program files (x86)\calibre\calibre.exe
FirewallRules: [UDP Query User{13926728-5104-49A0-AF97-B9DB7C769C1B}C:\program files (x86)\calibre\calibre.exe] => (Allow) C:\program files (x86)\calibre\calibre.exe
FirewallRules: [TCP Query User{F8CBC091-C4BC-4FBD-A599-90715DC9641C}C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{88D7CE70-1EEF-4555-B789-8F6BCF345307}C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [{4EE60D83-9082-4FCB-95C7-9369CC6FCDA7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{42C15CA9-09DF-4477-B364-A6A26E703384}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{C79A0DF6-7B47-4BEF-A6A7-4D87FF8C22C6}C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe] => (Allow) C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe
FirewallRules: [UDP Query User{DFA40CEC-5AF3-4515-9F43-E702DA23F30D}C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe] => (Allow) C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe
FirewallRules: [{69A247E7-EE0F-458A-AB2C-E53459F8936F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4B4B62B8-00E7-4AB4-922C-B41F0671A8E6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D8B68319-F49E-4A4C-ABBC-3736B9D38F4A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{08D2BC6E-306C-49C9-8E9A-1AA3B5D4572F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{755E9391-E367-4C03-A40C-8F81122CFBF2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{6E2231D9-6E8B-4D69-A2EE-10AF3E308E5D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FE8EC7F2-A773-4399-901D-CFE5327DF2ED}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
==================== Restore Points =========================
21-10-2018 11:00:13 Windows Update
29-11-2018 19:08:38 Naplánovaný kontrolní bod
06-12-2018 20:47:31 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/17/2018 11:19:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.18460 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 2a80
Čas spuštění: 01d496293a2c5b1e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\WINDOWS\Explorer.EXE
ID hlášení: cf2a29a4-0249-11e9-be99-543530c046e4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/16/2018 10:59:34 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/16/2018 10:59:33 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/12/2018 11:13:51 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/12/2018 07:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 62.0.0.6816 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 2d44
Čas spuštění: 01d49245b4801b76
Čas ukončení: 0
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: fca23c03-fe38-11e8-be99-543530c046e4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2018 12:13:36 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/10/2018 11:33:27 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/09/2018 11:07:52 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
System errors:
=============
Error: (12/12/2018 09:07:52 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2018 08:55:52 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2018 08:55:22 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/10/2018 07:04:50 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/09/2018 04:56:13 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/09/2018 04:55:43 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/06/2018 08:47:27 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/06/2018 08:46:56 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2018-04-29 17:52:49.276
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.995
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.713
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.432
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:47.870
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:47.573
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:47.292
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 69%
Total physical RAM: 3985.27 MB
Available physical RAM: 1222.81 MB
Total Virtual: 7636.68 MB
Available Virtual: 3584.59 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:451.25 GB) (Free:22.94 GB) NTFS
\\?\Volume{5d9ae4cc-e271-4d95-9e93-ba1e4c66a998}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS
\\?\Volume{b0fab90d-bce1-46ff-9796-e7bfef6e8020}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS
\\?\Volume{80ace1a5-8e79-4e39-98a2-ba5ac4a4fb5c}\ (Push Button Reset) (Fixed) (Total:13.26 GB) (Free:1.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D9EBC07E)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by admin (administrator) on KACER (18-12-2018 22:13:54)
Running from C:\Users\Josif\Desktop
Loaded Profiles: Petr & admin & UpdatusUser (Available Profiles: Petr & admin & UpdatusUser & Administrator & Guest)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-12] (AVAST Software)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2014-03-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3750208 2018-08-28] (Dropbox, Inc.)
HKLM\...\RunOnce: [*Restore] => C:\WINDOWS\System32\rstrui.exe [273920 2014-11-21] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [CoreTemp.{2CB63EF0-592C-401B-81E1-1264D2A22854}] => "C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{2CB63EF0-592C-401B-81E1-1264D2A22854}\NVI2.DLL",Resume C:\Program Files\NVIDIA Corporation\Installer2\insta (the data entry has 53 more characters).
HKLM-x32\...\RunOnce: [CoreTemp.{EF5B3817-1E38-4C69-9C33-65B9A250057F}] => "C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{EF5B3817-1E38-4C69-9C33-65B9A250057F}\NVI2.DLL",Resume C:\Program Files\NVIDIA Corporation\Installer2\insta (the data entry has 53 more characters).
HKLM-x32\...\RunOnce: [{6095CEB1-C07E-4EA7-9ADC-333B6E617B46}] => cmd.exe /C start /D "C:\Users\admin\AppData\Local\Temp\{6095CEB1-C07E-4EA7-9ADC-333B6E617B46}" /B {AE5912C9-0D68-430C-A415-46D1F7B38CA7}.exe -accepteula -accepteulaksn -postboot <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18F933EA-C684-4CB7-9067-3C5A1AB5690E}: [DhcpNameServer] 79.98.72.27 8.8.8.8
Tcpip\..\Interfaces\{720AE84B-BA74-48BA-8156-B1A41B32200C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
URLSearchHook: [S-1-5-21-3756156275-3785935927-1959247443-1011] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1002 -> DefaultScope {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1002 -> {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1006 -> DefaultScope {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
SearchScopes: HKU\S-1-5-21-3756156275-3785935927-1959247443-1006 -> {8C17FCBB-C3EF-4060-8D6F-B462874A4EDA} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-14] (AVAST Software)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-14] (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
FireFox:
========
FF DefaultProfile: F861DC2F.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\F861DC2F.default [2018-12-12]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\F861DC2F.default\Extensions\wrc@avast.com.xpi [2018-08-12]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3756156275-3785935927-1959247443-1006: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-12] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-12] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-08] (Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-08-28] (Dropbox, Inc.)
R3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-06-22] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2014-03-19] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-11-08] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-11-08] (Microsoft Corporation)
S2 NewServiceInstall1; "C:\Program Files (x86)\SDL International\T2007\TT\Lng\Dialogs1031.lng" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465640 2018-08-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-12] (AVAST Software)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2014-03-19] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12528 2018-09-24] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-11-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-11-08] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-11-08] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-18 22:03 - 2018-12-18 22:04 - 000032158 _____ C:\Users\Josif\Desktop\Addition.txt
2018-12-18 22:01 - 2018-12-18 22:14 - 000019945 _____ C:\Users\Josif\Desktop\FRST.txt
2018-12-18 22:01 - 2018-12-18 22:13 - 000000000 ____D C:\FRST
2018-12-18 22:00 - 2018-12-18 22:00 - 002417152 _____ (Farbar) C:\Users\Josif\Desktop\FRST64.exe
2018-12-18 21:46 - 2018-12-18 21:54 - 838848651 _____ C:\Users\Josif\Downloads\Vikings.S05E13.720p.HDTV.x264-AVS.mkv
2018-12-18 21:45 - 2018-12-18 21:45 - 000028801 _____ C:\Users\Josif\Downloads\Vikings-5x13.zip
2018-12-12 22:28 - 2018-12-12 22:28 - 000000000 ____D C:\Users\Josif\Desktop\Původní data aplikace Firefox
2018-12-12 18:19 - 2018-12-12 18:19 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\32374371.sys
2018-12-11 20:50 - 2018-12-11 21:03 - 1949414008 _____ C:\Users\Josif\Downloads\Spojenci (2016) CZ dabing.mkv
2018-12-09 20:20 - 2018-12-09 20:22 - 156776480 _____ C:\Users\Josif\Downloads\The.Big.Bang.Theory.S12E10.HDTV.x264-SVA.mkv
2018-12-09 20:20 - 2018-12-09 20:20 - 000022748 _____ C:\Users\Josif\Downloads\The.Big.Bang.Theory.S12E10.zip
2018-12-09 20:03 - 2018-12-09 20:10 - 726545156 _____ C:\Users\Josif\Downloads\Vikings.S05E12.Murder.Most.Foul.720p.AMZN.WEB-DL.DDP5.1.H.264-MZABI.mkv
2018-12-09 19:57 - 2018-12-09 20:04 - 847797935 _____ C:\Users\Josif\Downloads\vikings.s05e11.720p.web.h264-convoy.mkv
2018-12-09 19:56 - 2018-12-09 19:56 - 000028884 _____ C:\Users\Josif\Downloads\Vikings-5x12.zip
2018-12-09 19:56 - 2018-12-09 19:56 - 000014530 _____ C:\Users\Josif\Downloads\Vikings-5x11.zip
2018-12-09 18:10 - 2018-12-09 18:10 - 008918119 _____ C:\Users\Josif\Downloads\nemesis-deck-game.pdf
2018-12-09 18:09 - 2018-12-09 18:10 - 055677157 _____ C:\Users\Josif\Downloads\nemesis-wallpapers(1).zip
2018-11-25 14:44 - 2018-11-25 14:51 - 207807728 _____ C:\Users\Josif\Downloads\disenchantment.s01e09.web.x264-strife.mkv
2018-11-25 14:44 - 2018-11-25 14:51 - 205659110 _____ C:\Users\Josif\Downloads\disenchantment.s01e10.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:56 - 231392468 _____ C:\Users\Josif\Downloads\disenchantment.s01e05.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:56 - 191334631 _____ C:\Users\Josif\Downloads\disenchantment.s01e04.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:52 - 327561517 _____ C:\Users\Josif\Downloads\disenchantment.s01e08.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:52 - 287226540 _____ C:\Users\Josif\Downloads\disenchantment.s01e07.web.x264-strife.mkv
2018-11-25 14:43 - 2018-11-25 14:52 - 221440127 _____ C:\Users\Josif\Downloads\disenchantment.s01e06.web.x264-strife.mkv
2018-11-25 14:37 - 2018-11-25 14:47 - 230119183 _____ C:\Users\Josif\Downloads\disenchantment.s01e02.web.x264-strife.mkv
2018-11-25 14:37 - 2018-11-25 14:40 - 275529901 _____ C:\Users\Josif\Downloads\disenchantment.s01e03.web.x264-strife.mkv
2018-11-25 14:37 - 2018-11-25 14:37 - 000140445 _____ C:\Users\Josif\Downloads\disenchantment-subtitles-cz-1.zip
2018-11-25 14:36 - 2018-11-25 14:42 - 351433096 _____ C:\Users\Josif\Downloads\disenchantment.s01e01.web.x264-strife.mkv
2018-11-25 14:35 - 2018-11-25 14:35 - 000013902 _____ C:\Users\Josif\Downloads\disenchantment.s01e01.web.x264-strife.zip
2018-11-22 22:33 - 2018-12-12 19:53 - 000001632 _____ C:\Users\Josif\Desktop\fcb.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-18 22:05 - 2017-11-08 18:12 - 000000000 ____D C:\Users\Josif\AppData\Local\ClassicShell
2018-12-18 21:37 - 2017-11-08 18:12 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3756156275-3785935927-1959247443-1002
2018-12-18 21:34 - 2017-11-08 18:34 - 000000000 ____D C:\Users\Josif\AppData\LocalLow\Mozilla
2018-12-17 17:58 - 2017-11-08 18:33 - 000000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-17 17:58 - 2017-11-08 18:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-12 22:49 - 2017-11-08 18:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-12 22:48 - 2017-11-08 19:00 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-12 22:38 - 2017-11-08 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-12 18:58 - 2018-09-16 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-12 18:19 - 2018-09-16 20:44 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-12-09 20:06 - 2014-11-21 05:53 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-09 20:06 - 2014-11-21 05:10 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-09 20:06 - 2014-11-21 05:10 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-09 20:06 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-12-09 18:38 - 2014-11-08 20:32 - 000000000 ____D C:\Ultima Online 2D
2018-11-29 21:53 - 2017-06-13 23:55 - 000000000 ____D C:\Users\Josif\Desktop\txt
==================== Files in the root of some directories =======
2018-01-02 08:26 - 2018-01-02 08:26 - 000000096 _____ () C:\Users\admin\AppData\Roaming\version2.xml
2017-11-08 13:13 - 2017-11-08 13:13 - 000013642 _____ () C:\Users\admin\AppData\Local\HWVendorDetection.log
2018-03-04 10:15 - 2018-10-14 18:29 - 000007600 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-29 18:12
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by admin (18-12-2018 22:14:34)
Running from C:\Users\Josif\Desktop
Windows 8.1 (Update) (X64) (2017-11-08 16:36:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-3756156275-3785935927-1959247443-1006 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3756156275-3785935927-1959247443-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3756156275-3785935927-1959247443-501 - Limited - Disabled) => C:\Users\Guest
Petr (S-1-5-21-3756156275-3785935927-1959247443-1002 - Limited - Enabled) => C:\Users\Josif
UpdatusUser (S-1-5-21-3756156275-3785935927-1959247443-1011 - Limited - Enabled) => C:\Users\UpdatusUser.kAcer
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Registration (HKLM\...\{64E785C9-B1F9-4889-B199-5FFC69224C60}) (Version: 2.00.3006 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
calibre 64bit (HKLM\...\{3E7334AB-3B64-4CD0-8DAC-817FF56AED7E}) (Version: 3.12.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Diablo II CZ verze 1.13c (HKLM-x32\...\{F380060E-D8AC-4823-91B8-71B9054C8DD2}_is1) (Version: 1.13c - )
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 56.4.94 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.5 - CEWE Stiftung u Co. KGaA)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.12 - PandoraTV)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Lingea Lexicon 5 (HKLM-x32\...\Lexicon5) (Version: - Lingea s.r.o.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MKVToolNix 26.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 26.0.0 - Moritz Bunkus)
Mortal Kombat Komplete Edition (HKLM-x32\...\Mortal Kombat Komplete Edition_is1) (Version: - Warner Bros. Interactive Entertainment)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
QIP 2012 4.0.9340 (HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\QIP 2012) (Version: 4.0.9340 - )
QIP Internet Guardian (HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\QipGuard) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SDLX (HKLM-x32\...\{36E71ED6-AC20-4AED-8C51-0030EE7FB55B}) (Version: 9.2.7035 - SDL International) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1240 - SUPERAntiSpyware.com)
This War of Mine - Anniversary Edition verze 3.0.2 (HKLM-x32\...\{33C6B10A-EE07-4AFB-8545-ED50AA95D5F4}_is1) (Version: 3.0.2 - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.0 - Unified Intents AB)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3756156275-3785935927-1959247443-1006_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-01-25] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-01-25] (Qualcomm Atheros Commnucations)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-12] (AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {070B4985-F4EE-45D0-9FA8-6CB3531804C3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Josif\Downloads\adwcleaner_7.1.0.0.exe
Task: {15D3F501-5B7F-4EE0-B7DB-27E9A4586673} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {33A1D1E4-2CB9-4359-AE24-612ADBB0FA45} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {34A81390-DE1B-47A6-B6CB-937507BB1F21} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software)
Task: {4AD294E0-02BD-40D8-8292-3F88942845F6} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\52971980\D\UpgradeDownload.exe [2017-11-08] ()
Task: {659E9D8E-172D-450B-9754-DED4217658D7} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {856A26E0-E402-45A1-8D3C-7B55EE1EC84D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {896ABBD2-E3CB-44C7-B153-B8A73C257CEB} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated)
Task: {A8933FD3-5600-4CB4-B885-0B6BD2584CA6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {BDFB6F68-F204-4CB2-B98E-0313138CF8B2} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {CAC7A49E-A40C-4675-9177-5652B9709786} - System32\Tasks\GREGTask => C:\Program Files\Acer\Acer Registration\GREGLauncher.exe [2013-01-12] ()
Task: {D0FD853F-81ED-4B91-B1BB-5C97641F2EA0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {D6304E69-1A30-4637-A4AB-A76B2C141AD9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-16] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\admin\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
==================== Loaded Modules (Whitelisted) ==============
2018-02-11 22:52 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-25 08:09 - 2013-01-25 08:09 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 08:05 - 2013-01-25 08:05 - 000084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 08:12 - 2013-01-25 08:12 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-19 04:13 - 2012-06-25 18:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2018-04-29 11:30 - 2018-04-29 11:30 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-12 11:10 - 2018-08-12 11:10 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-12 11:09 - 2018-08-12 11:09 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90140185.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90140185.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\kmpmedia.net -> hxxp://player.kmpmedia.net
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2018-11-16 19:06 - 000000937 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 player.kmpmedia.net
127.0.0.1 log.kmplayer.com
127.0.0.1 cdn.kmplayer.com
127.0.0.1 cdn.pandora.tv
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img5.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3756156275-3785935927-1959247443-1006\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{769925D5-E3C3-4CD4-8266-41A8DC4DFB70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D325BFF2-FB1C-4CA8-867F-C6AC1334DE9A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0C862F16-214D-460A-AAEE-429FFC4FEDC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6468313F-6959-4FF0-A4AF-031D0E3BE06A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{205D23FA-7B3D-4688-8EBA-08841686D0D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2F5D34DB-71FA-4CBA-A117-B8F8BD5FDE46}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{EE4CAB8E-2764-4BBF-A06A-B5124E187219}C:\ultima online 2d\injection\uoam\uoam.exe] => (Allow) C:\ultima online 2d\injection\uoam\uoam.exe
FirewallRules: [UDP Query User{0B973455-A25B-407C-B02F-DD411A0E0E56}C:\ultima online 2d\injection\uoam\uoam.exe] => (Allow) C:\ultima online 2d\injection\uoam\uoam.exe
FirewallRules: [TCP Query User{07E3D6DD-31F6-4076-B761-E27D3895D38B}C:\program files (x86)\qip 2012\qip.exe] => (Allow) C:\program files (x86)\qip 2012\qip.exe
FirewallRules: [UDP Query User{19EDDA98-65F8-4810-91E0-CED5B159EF3A}C:\program files (x86)\qip 2012\qip.exe] => (Allow) C:\program files (x86)\qip 2012\qip.exe
FirewallRules: [TCP Query User{9C4F7783-F4B5-4BEC-AFC7-CA08EC0EFB74}C:\hry\openlierox\openlierox.exe] => (Block) C:\hry\openlierox\openlierox.exe
FirewallRules: [UDP Query User{9EA294C7-1311-4932-B28F-B17AB8129F3A}C:\hry\openlierox\openlierox.exe] => (Block) C:\hry\openlierox\openlierox.exe
FirewallRules: [TCP Query User{257FF1AE-1DA4-4F4C-B9FB-448E0FA649D2}C:\hry\quake 3 arena cd\quake3\quake3.exe] => (Allow) C:\hry\quake 3 arena cd\quake3\quake3.exe
FirewallRules: [UDP Query User{79F8FE35-D8A5-4B39-8938-15B46AAEFC7D}C:\hry\quake 3 arena cd\quake3\quake3.exe] => (Allow) C:\hry\quake 3 arena cd\quake3\quake3.exe
FirewallRules: [TCP Query User{7A1B505A-C6FC-428D-BBEE-5E3D365D2DA1}C:\hry\diablo 2\game.exe] => (Allow) C:\hry\diablo 2\game.exe
FirewallRules: [UDP Query User{73E526BB-F4E9-485C-BD07-F8ADB4333E86}C:\hry\diablo 2\game.exe] => (Allow) C:\hry\diablo 2\game.exe
FirewallRules: [TCP Query User{1011C605-86F7-4667-88B6-18A85220B8AE}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe
FirewallRules: [UDP Query User{85854994-0DFD-4E15-8A4D-A64F73F22AC4}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe
FirewallRules: [TCP Query User{7797A497-6FA4-4CA0-811F-C46000D91E58}C:\users\josif\downloads\utorrent\utorrent.exe] => (Allow) C:\users\josif\downloads\utorrent\utorrent.exe
FirewallRules: [UDP Query User{99AB3894-4B03-495C-8DFB-F8AF18872EFF}C:\users\josif\downloads\utorrent\utorrent.exe] => (Allow) C:\users\josif\downloads\utorrent\utorrent.exe
FirewallRules: [TCP Query User{67D22A15-70C2-4958-AD5B-AA7758FF2650}C:\program files (x86)\calibre\calibre.exe] => (Allow) C:\program files (x86)\calibre\calibre.exe
FirewallRules: [UDP Query User{13926728-5104-49A0-AF97-B9DB7C769C1B}C:\program files (x86)\calibre\calibre.exe] => (Allow) C:\program files (x86)\calibre\calibre.exe
FirewallRules: [TCP Query User{F8CBC091-C4BC-4FBD-A599-90715DC9641C}C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{88D7CE70-1EEF-4555-B789-8F6BCF345307}C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [{4EE60D83-9082-4FCB-95C7-9369CC6FCDA7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{42C15CA9-09DF-4477-B364-A6A26E703384}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{C79A0DF6-7B47-4BEF-A6A7-4D87FF8C22C6}C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe] => (Allow) C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe
FirewallRules: [UDP Query User{DFA40CEC-5AF3-4515-9F43-E702DA23F30D}C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe] => (Allow) C:\programdata\visualon\browserpluginhelper\browserpluginhelper.exe
FirewallRules: [{69A247E7-EE0F-458A-AB2C-E53459F8936F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4B4B62B8-00E7-4AB4-922C-B41F0671A8E6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D8B68319-F49E-4A4C-ABBC-3736B9D38F4A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{08D2BC6E-306C-49C9-8E9A-1AA3B5D4572F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{755E9391-E367-4C03-A40C-8F81122CFBF2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{6E2231D9-6E8B-4D69-A2EE-10AF3E308E5D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FE8EC7F2-A773-4399-901D-CFE5327DF2ED}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
==================== Restore Points =========================
21-10-2018 11:00:13 Windows Update
29-11-2018 19:08:38 Naplánovaný kontrolní bod
06-12-2018 20:47:31 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/17/2018 11:19:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.18460 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 2a80
Čas spuštění: 01d496293a2c5b1e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\WINDOWS\Explorer.EXE
ID hlášení: cf2a29a4-0249-11e9-be99-543530c046e4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/16/2018 10:59:34 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/16/2018 10:59:33 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/12/2018 11:13:51 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/12/2018 07:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 62.0.0.6816 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 2d44
Čas spuštění: 01d49245b4801b76
Čas ukončení: 0
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: fca23c03-fe38-11e8-be99-543530c046e4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2018 12:13:36 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/10/2018 11:33:27 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (12/09/2018 11:07:52 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
System errors:
=============
Error: (12/12/2018 09:07:52 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2018 08:55:52 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2018 08:55:22 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/10/2018 07:04:50 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/09/2018 04:56:13 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/09/2018 04:55:43 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/06/2018 08:47:27 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/06/2018 08:46:56 PM) (Source: DCOM) (EventID: 10010) (User: kAcer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2018-04-29 17:52:49.276
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.995
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.713
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.432
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:48.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:47.870
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:47.573
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-04-29 17:52:47.292
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 69%
Total physical RAM: 3985.27 MB
Available physical RAM: 1222.81 MB
Total Virtual: 7636.68 MB
Available Virtual: 3584.59 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:451.25 GB) (Free:22.94 GB) NTFS
\\?\Volume{5d9ae4cc-e271-4d95-9e93-ba1e4c66a998}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS
\\?\Volume{b0fab90d-bce1-46ff-9796-e7bfef6e8020}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS
\\?\Volume{80ace1a5-8e79-4e39-98a2-ba5ac4a4fb5c}\ (Push Button Reset) (Fixed) (Total:13.26 GB) (Free:1.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D9EBC07E)
Partition: GPT.
==================== End of Addition.txt ============================
Stiahni AdwCleaner: