Prosím o kontrolu logu
Napsal: 15 led 2020 12:41
Zdravim,
ked otvorim prehliadac Firefox alebo Chrome, tak mi zacne vyskakovat okno , aby som zadal udaje na Pay pal , neovladam kurzor a stale to prehadzuje, ako keby s tym niekto pracoval . Dalej sa mi zobrazi dialogove okno na ploche a vyziva ma na zadanie udajov ,, okno sa vola,, Hecker,, , musel som stiahnut daku haved .
Dakujem za pomoc !!!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2020
Ran by Kamil (administrator) on KAMIL-PC (Gigabyte Technology Co., Ltd. GA-990XA-UD3) (15-01-2020 12:25:31)
Running from C:\Users\Kamil\Desktop
Loaded Profiles: Kamil (Available Profiles: Kamil)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\ProgramData\wininit.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\70.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\command.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\Driver.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\chrome..exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\Microsoft\svchost.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\Secript.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\server.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\sovx.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\System64.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\tmpC0B2.tmp.exe
() [File not signed] C:\Users\Kamil\AppData\Roaming\explorer.exe
() [File not signed] C:\Users\Kamil\AppData\Roaming\svchost.exe
() [File not signed] C:\Users\Kamil\AppData\Roaming\system32.exe
() [File not signed] C:\Users\Kamil\svchost.exe
() [File not signed] C:\Users\Kamil\system.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Home Theater v4\pcee4.exe
(Duality Software) [File not signed] C:\Program Files\DS Clock\dsclock.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Hagel Technologies Ltd -> Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\DUMeterSvc.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Kamil\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics) [File not signed] C:\ProgramData\Synaptics\Synaptics.exe
(word file) [File not signed] C:\Users\Kamil\AppData\Local\Temp\Client.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10807912 2011-08-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-08-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Dolby Home Theater v4] => C:\Program Files\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [8424898cc4c927994d288319a361b825] => "C:\Users\Kamil\AppData\Roaming\skype.exe" ..
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-01] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [windows] => wscript.exe //B "C:\Users\Kamil\AppData\Roaming\windows.vbs"
HKLM\...\Run: [1998035b685796d01f79197bd5bee7fb] => C:\Users\Kamil\AppData\Local\Temp\chrome..exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKLM\...\Run: [2c7998d77330dbd296a15992ba62701a] => C:\Users\Kamil\AppData\Roaming\explorer.exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKLM\...\Run: [3faffb3040aea7f7d7747271c38ce627] => C:\Users\Kamil\AppData\Roaming\svchost.exe .. [471040 2019-09-12] () [File not signed] <==== ATTENTION
HKLM\...\Run: [3933254291d429c757f15b8b22ecccf6] => C:\Users\Kamil\AppData\Roaming\system32.exe .. [24064 2019-12-17] () [File not signed]
HKLM\...\Run: [tmp79D8] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp79D8.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [8914f0ae732a4b8ccda2a57450603ccd] => C:\Users\Kamil\AppData\Local\Temp\70.exe .. [37888 2019-12-19] () [File not signed] <==== ATTENTION
HKLM\...\Run: [tmp3AEC] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp3AEC.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [tmp5169] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp5169.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [d620e348213b3bb3ba0246f26b9e96bc] => C:\Users\Kamil\AppData\Local\Temp\server.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKLM\...\Run: [85a1b87c506616a2e533f865475870fe] => C:\Users\Kamil\AppData\Local\Temp\Driver.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKLM\...\Run: [5395d531b1a96d36e1aed6f156c1abfc] => C:\Users\Kamil\AppData\Local\Temp\command.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKLM\...\Run: [270bc2a14df607672c960a7955ac47ec] => C:\Users\Kamil\AppData\Local\Temp\System64.exe .. [92160 2020-01-15] () [File not signed] <==== ATTENTION
HKLM\...\Run: [tmp7796] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp7796.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [tmp44A5] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp44A5.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [ef68944d54e8b4aa938a84cf943af21e] => C:\Users\Kamil\AppData\Local\Temp\sovx.exe .. [24064 2020-01-12] () [File not signed] <==== ATTENTION
HKLM\...\Run: [2d719acf32f95a0babd6cce10e7d02bd] => C:\ProgramData\wininit.exe .. [74240 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [954275c2a385362432d4f13360ed1ff4] => C:\Users\Kamil\system.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [1026470df5385af8d83ee7e2514c8469] => C:\Users\Kamil\AppData\Local\Temp\tmpC0B2.tmp.exe .. [45568 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [cebb308efb152afa9b7e187490cc3a9a] => C:\Users\Kamil\svchost.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [b79c121d18108351cf2b69076b3385be] => C:\Users\Kamil\AppData\Local\Temp\Secript.exe .. [119808 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.sk/sk.special-uninstallation-fe ... sxLVRSTTMy (the data entry has 68 more characters).
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [DS Clock] => C:\Program Files\DS Clock\dsclock.exe [323584 2003-06-06] (Duality Software) [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [] => [X]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [BingSvc] => C:\Users\Kamil\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [8424898cc4c927994d288319a361b825] => "C:\Users\Kamil\AppData\Roaming\skype.exe" ..
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia -> Nokia)
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [windows] => wscript.exe //B "C:\Users\Kamil\AppData\Roaming\windows.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [1998035b685796d01f79197bd5bee7fb] => C:\Users\Kamil\AppData\Local\Temp\chrome..exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [2c7998d77330dbd296a15992ba62701a] => C:\Users\Kamil\AppData\Roaming\explorer.exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [3faffb3040aea7f7d7747271c38ce627] => C:\Users\Kamil\AppData\Roaming\svchost.exe .. [471040 2019-09-12] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [Synaptics Pointing Device Driver] => C:\ProgramData\Synaptics\Synaptics.exe [771584 2019-09-19] (Synaptics) [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [3933254291d429c757f15b8b22ecccf6] => C:\Users\Kamil\AppData\Roaming\system32.exe .. [24064 2019-12-17] () [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [Windows Updates] => C:\Users\Kamil\AppData\Roaming\Microsoft\Updates\winlogon.vbs [235 2019-07-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp79D8] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp79D8.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [8914f0ae732a4b8ccda2a57450603ccd] => C:\Users\Kamil\AppData\Local\Temp\70.exe .. [37888 2019-12-19] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp3AEC] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp3AEC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp5169] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp5169.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [System32] => C:\Users\Kamil\AppData\Local\Temp\Client.exe [54272 2019-11-10] (word file) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [34d91dfb34a7283483d0aaba9d10147d] => C:\Users\Kamil\AppData\Local\Temp\Microsoft\svchost.exe [41472 2019-11-10] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [d620e348213b3bb3ba0246f26b9e96bc] => C:\Users\Kamil\AppData\Local\Temp\server.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [85a1b87c506616a2e533f865475870fe] => C:\Users\Kamil\AppData\Local\Temp\Driver.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [5395d531b1a96d36e1aed6f156c1abfc] => C:\Users\Kamil\AppData\Local\Temp\command.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [270bc2a14df607672c960a7955ac47ec] => C:\Users\Kamil\AppData\Local\Temp\System64.exe .. [92160 2020-01-15] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp7796] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp7796.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp44A5] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp44A5.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [ef68944d54e8b4aa938a84cf943af21e] => C:\Users\Kamil\AppData\Local\Temp\sovx.exe .. [24064 2020-01-12] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [2d719acf32f95a0babd6cce10e7d02bd] => C:\ProgramData\wininit.exe .. [74240 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [954275c2a385362432d4f13360ed1ff4] => C:\Users\Kamil\system.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [1026470df5385af8d83ee7e2514c8469] => C:\Users\Kamil\AppData\Local\Temp\tmpC0B2.tmp.exe .. [45568 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [cebb308efb152afa9b7e187490cc3a9a] => C:\Users\Kamil\svchost.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [b79c121d18108351cf2b69076b3385be] => C:\Users\Kamil\AppData\Local\Temp\Secript.exe .. [119808 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files\Common Files\LightScribe\LSRunOnce.exe [2010-06-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1026470df5385af8d83ee7e2514c8469.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1998035b685796d01f79197bd5bee7fb.exe [2019-12-28] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\270bc2a14df607672c960a7955ac47ec.exe [2020-01-15] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2c7998d77330dbd296a15992ba62701a.exe [2019-12-28] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2d719acf32f95a0babd6cce10e7d02bd.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3933254291d429c757f15b8b22ecccf6.exe [2019-12-17] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3faffb3040aea7f7d7747271c38ce627.exe [2019-09-12] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8914f0ae732a4b8ccda2a57450603ccd.exe [2019-12-19] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\954275c2a385362432d4f13360ed1ff4.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cebb308efb152afa9b7e187490cc3a9a.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d620e348213b3bb3ba0246f26b9e96bc.exe [2020-01-08] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe [2019-11-10] () [File not signed] <==== ATTENTION
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AEC.tmp.vbs [2019-11-10] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp44A5.tmp.vbs [2020-01-10] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp5169.tmp.vbs [2019-11-10] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp7796.tmp.vbs [2020-01-09] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp79D8.tmp.vbs [2019-09-30] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.vbs [2017-01-14] () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0922236E-AFED-405F-96A5-56679736A1B7} - System32\Tasks\Driver Booster SkipUAC (Kamil) => C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {1744284E-D72B-4FB5-8F75-383DCA0AA80D} - System32\Tasks\{6D875A5B-0703-47AD-919B-1C85F19B83F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\TC UP\TC UP.exe" -d "C:\Program Files\TC UP"
Task: {28DE678F-CAA4-43CC-92FD-F915E0ABB696} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {32EAC19F-04CD-4F4A-966B-A0E20DCEA134} - System32\Tasks\sssssssss => C:\Users\Kamil\Music\nn.exe
Task: {3CCC4B84-C260-4A35-A8F4-4148C2BBE5A4} - System32\Tasks\System32 => C:\Users\Kamil\AppData\Local\Temp\Client.exe [54272 2019-11-10] (word file) [File not signed] <==== ATTENTION
Task: {679C185F-C174-41DA-B645-3EAAE5A7E7C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-28] (Google Inc -> Google Inc.)
Task: {718002DC-441E-45EF-A7D3-EC99CCC112D6} - System32\Tasks\{6A9A6746-189F-40E9-866D-A794DD628277} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\VideoDownloaderUltimateWinApp\Uninstall.exe
Task: {87A65AD8-152C-439B-B8F5-EB8507425E69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-15] (Adobe Inc. -> Adobe)
Task: {8E437444-E35F-4313-8BC8-91FD1DE2C911} - System32\Tasks\{2F53AFB3-BF87-41BA-9906-924B8988776D} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\VideoDownloaderUltimateWinApp\Uninstall.exe
Task: {8E4DD813-46BA-4117-A16C-34C045517E55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-28] (Google Inc -> Google Inc.)
Task: {907DBFB6-690F-4BD0-9CF1-E8AE3E9867B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {96CCE673-A4E1-48EE-8E1D-33CD41B8B1C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {9D863C86-5BED-43A8-87BD-7F9DF0AFBE9D} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [77824 2008-06-27] () [File not signed]
Task: {C713DE78-1CB1-46C1-BD1B-68B1E44966E9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {E719B26C-D23E-4B45-A96D-B6635B79C680} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-15] (Adobe Inc. -> Adobe)
Task: {F05BF5B5-2F80-424B-9587-06EBEC1B3A25} - System32\Tasks\{F6C0A0DD-0931-4144-8E4C-FC5BD8DE0259} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\VideoDownloaderUltimateWinApp\Uninstall.exe
Task: {FDBB164E-D8D9-48CF-9F1B-AAB7909490AF} - System32\Tasks\{3AE4C49B-AF29-4392-8EA2-B09B36DB8B5F} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{7CE69006-A9F5-4F2A-9FC9-BA743A4AF9ED}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D620EBB2-40AB-4CB4-B107-5F6BCF8B53C0}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\ProgramData\LangSoft\WebIE.dll [2016-12-29] () [File not signed]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2016-12-29] () [File not signed]
Handler: WSKVAllmytubechrome - No CLSID Value -
FireFox:
========
FF DefaultProfile: ht3jbfth.default-1368257689736
FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736 [2020-01-15]
FF DownloadDir: C:\Users\Kamil\Downloads
FF Homepage: Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736 -> hxxp://www.google.sk/
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-02] [Legacy]
FF Extension: (Video Downloader professional) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\ffext_basicvideoext@startpage24.xpi [2018-10-13]
FF Extension: (YouTube mp3) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\info@youtube-mp3.org.xpi [2017-01-03] [Legacy]
FF Extension: (Translate This!) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2017-01-03] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-30]
FF Extension: (Google™ Translator) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2017-01-01] [Legacy]
FF Extension: (Translator Widget) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-Gz4hrxvpY3RFJw@jetpack.xpi [2017-02-20] [Legacy]
FF Extension: (AdBlock) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-10-13]
FF Extension: (S3.Translator) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\s3google@translator.xpi [2018-10-13]
FF Extension: (Google Translator for Firefox) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\translator@zoli.bod.xpi [2019-12-14]
FF Extension: (Stylus Blue) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-03-21]
FF Extension: (walnut) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{192acb99-bee0-4373-9d46-09b18ad6fba9}.xpi [2019-03-28]
FF Extension: (Autumn Forest) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{46e6b376-15af-4ceb-8ac0-4820dd7e19d4}.xpi [2019-03-28]
FF Extension: (Grungedpaper) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{91ef5856-a93b-4a8a-b102-909b6f6865e9}.xpi [2019-03-21]
FF Extension: (rustic walnut) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{a91e51b1-7ed9-4087-8dce-4f1d42436be8}.xpi [2019-03-21]
FF Extension: (Video DownloadHelper) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-24]
FF Extension: (Online Translator Toolbar) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi [2017-02-20] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-13]
FF Extension: (Spring and Swallows) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{decd5f4c-bc93-4cc3-a305-0221fa9420c7}.xpi [2019-03-28]
FF SearchPlugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\searchplugins\bing-.xml [2016-12-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2017-07-12] [Legacy] [not signed]
FF HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] (Nokia -> )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2020-01-15]
CHR Extension: (Prekladač Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Speed Test) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeghledigokaedmpimgnfplidhdhlchg [2017-12-12]
CHR Extension: (internet Download Manager For Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blhjobkfabeopalncconblmakfcllmhk [2017-09-24]
CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-30]
CHR Extension: (Google Search) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-18]
CHR Extension: (S3.Translator) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2019-12-15]
CHR Extension: (Social Network Adblocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgjckeibmdfndlflobjhddhmemajjld [2018-11-22]
CHR Extension: (Translate Selected Text) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2017-06-24]
CHR Extension: (uBlock Adblock Plus) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdecnmmdccnkogcidionikojplkjfgie [2017-07-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-19]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2019-12-31]
CHR Extension: (Skype) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-12]
CHR Extension: (Video DownloadHelper) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-06-26]
CHR Extension: (Kontrola pošty Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Hover Zoom+) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [72864 2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1382672 2007-10-15] (Hagel Technologies Ltd -> Hagel Technologies Ltd) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2905656 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2018360 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2012-04-19] (Even Balance, Inc. -> )
R3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14155832 2020-01-06] (Adlice -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2017-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2011-03-01] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2020-01-08] (Tages SA -> )
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-03-28] (IVT CORPORATION -> IVT Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG -> Elaborate Bytes AG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [51328 2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [71552 2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [92032 2007-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-03-12] (Martin Malik - REALiX -> REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2020-01-08] (Tages SA -> )
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27704 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [171072 2016-10-06] (WDKTestCert charles-yeh,131069736795923936 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2012-04-19] (Duplex Secure Ltd -> Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2020-01-15] (Adlice -> )
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WsAudioDevice_383; C:\Windows\System32\drivers\WsAudioDevice_383.sys [25632 2016-02-29] (Wondershare Software Co., Ltd. -> Wondershare)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-15 12:25 - 2020-01-15 12:26 - 000042742 _____ C:\Users\Kamil\Desktop\FRST.txt
2020-01-15 12:25 - 2020-01-15 12:26 - 000000000 ____D C:\FRST
2020-01-15 12:25 - 2020-01-15 12:25 - 002303488 ___SH (Farbar) C:\Users\Kamil\Desktop\._cache_FRST.exe
2020-01-15 12:21 - 2020-01-15 12:19 - 003077632 _____ (Synaptics) C:\Users\Kamil\Desktop\FRST.exe
2020-01-15 12:19 - 2020-01-15 12:19 - 003077632 ____N (Synaptics) C:\Users\Kamil\Downloads\FRST.exe
2020-01-15 12:09 - 2020-01-15 12:09 - 000001005 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-01-15 12:09 - 2020-01-15 12:09 - 000001005 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-01-15 12:02 - 2020-01-15 12:06 - 046292096 _____ (Adlice Software ) C:\Users\Kamil\Downloads\RogueKiller_setup.exe
2020-01-15 11:19 - 2020-01-15 11:19 - 000000000 ____D C:\ESD
2020-01-15 11:16 - 2020-01-15 11:44 - 020028928 ____N (Synaptics) C:\Users\Kamil\Downloads\MediaCreationTool1909.exe
2020-01-15 11:16 - 2020-01-15 11:16 - 000000000 ___HD C:\$Windows.~WS
2020-01-15 11:16 - 2020-01-15 11:16 - 000000000 ____D C:\$WINDOWS.~BT
2020-01-15 11:06 - 2020-01-15 11:44 - 006279168 ____N (Synaptics) C:\Users\Kamil\Downloads\eset_nod32_antivirus_live_installer (1).exe
2020-01-15 11:01 - 2020-01-15 11:05 - 006279168 ____N (Synaptics) C:\Users\Kamil\Downloads\eset_nod32_antivirus_live_installer(1).exe
2020-01-15 10:59 - 2020-01-15 11:05 - 006279168 ____N (Synaptics) C:\Users\Kamil\Downloads\eset_nod32_antivirus_live_installer.exe
2020-01-13 13:59 - 2020-01-13 13:59 - 000085504 _____ C:\Users\Kamil\svchost.exe
2020-01-13 13:48 - 2020-01-13 13:48 - 000085504 _____ C:\Users\Kamil\system.exe
2020-01-13 13:44 - 2020-01-13 13:44 - 000074240 _____ C:\ProgramData\wininit.exe
2020-01-08 20:50 - 2020-01-08 20:50 - 050540001 ___SH C:\Users\Kamil\Desktop\._cache_An1404.exe
2020-01-08 20:12 - 2020-01-08 20:12 - 000000000 ____D C:\ProgramData\Tages
2020-01-08 20:11 - 2020-01-08 20:11 - 000281760 _____ C:\Windows\system32\Drivers\atksgt.sys
2020-01-08 20:11 - 2020-01-08 20:11 - 000025888 _____ C:\Windows\system32\Drivers\lirsgt.sys
2020-01-08 20:11 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-01-08 20:11 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-01-08 20:11 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-01-08 20:11 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-01-08 20:11 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2020-01-08 20:11 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-01-08 20:11 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-01-08 20:11 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-01-08 20:11 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-01-08 20:11 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-01-08 20:11 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-01-08 20:11 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-01-08 20:11 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-01-08 20:11 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2020-01-08 20:11 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-01-08 20:11 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-01-08 20:11 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-01-08 20:11 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2020-01-08 20:11 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-01-08 20:11 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2020-01-08 20:11 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-01-08 20:11 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-01-08 20:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-01-08 20:11 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-01-08 20:11 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-01-08 20:11 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-01-08 20:11 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-01-08 20:11 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2020-01-08 20:11 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-01-08 20:11 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-01-08 20:11 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-01-08 20:11 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-01-08 20:11 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-01-08 20:11 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-01-08 20:11 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-01-08 20:11 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-01-08 20:11 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-01-08 20:08 - 2020-01-08 20:08 - 000000000 ____D C:\Program Files\Ubisoft
2020-01-07 13:25 - 2020-01-07 13:25 - 000054842 _____ C:\Users\Kamil\Downloads\3620003683.pdf
2019-12-31 12:40 - 2019-12-31 12:40 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Sun
2019-12-31 12:40 - 2019-12-31 12:40 - 000000000 ____D C:\Program Files\Common Files\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000112696 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\Program Files\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-12-17 16:08 - 2019-12-17 16:13 - 001590784 ____N (Synaptics) C:\Users\Kamil\Downloads\VideoDownloader-[1463353425.1576595305,691,yt-bcnWysA9gxo,,].exe
2019-12-16 11:12 - 2019-12-16 11:12 - 000000173 _____ C:\Users\Kamil\Desktop\Jednota.txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-15 12:11 - 2015-03-21 10:07 - 000024688 _____ C:\Windows\system32\Drivers\truesight.sys
2020-01-15 12:09 - 2015-08-27 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-01-15 12:09 - 2015-08-27 23:54 - 000000000 ____D C:\Program Files\RogueKiller
2020-01-15 12:09 - 2015-03-21 10:07 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-15 11:59 - 2016-12-13 15:38 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Mozilla
2020-01-15 11:56 - 2010-11-20 22:01 - 000008582 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-15 11:50 - 2009-07-14 05:34 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-15 11:50 - 2009-07-14 05:34 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-15 11:44 - 2019-03-22 07:33 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2020-01-15 11:44 - 2019-03-22 07:33 - 000000035 _____ C:\ProgramData\Documents\AtherosServiceConfig.ini
2020-01-15 11:43 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-15 11:39 - 2012-04-18 19:27 - 000000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA.job
2020-01-15 11:16 - 2012-04-18 19:19 - 000000000 ____D C:\Windows\Panther
2020-01-15 11:05 - 2019-09-19 15:38 - 000000000 __SHD C:\Users\Kamil\AppData\Roaming\WinSl
2020-01-15 11:05 - 2017-04-25 11:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-15 11:05 - 2017-03-29 04:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-15 11:05 - 2012-04-18 19:27 - 000000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core.job
2020-01-15 10:58 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-01-15 09:18 - 2018-03-13 23:18 - 000004462 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-15 09:18 - 2012-07-19 15:59 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-01-15 09:18 - 2012-07-19 15:59 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-01-15 09:18 - 2012-07-19 15:59 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-15 09:18 - 2012-07-19 15:59 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-13 13:59 - 2012-04-18 18:26 - 000000000 ____D C:\Users\Kamil
2020-01-12 13:34 - 2012-04-19 15:22 - 000183112 _____ C:\Windows\system32\PnkBstrB.exe
2020-01-12 13:34 - 2012-04-19 15:22 - 000138184 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2020-01-09 05:25 - 2017-03-28 16:19 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 20:53 - 2012-04-18 18:32 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2020-01-08 20:53 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-01-04 06:05 - 2014-11-25 19:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-01-03 14:11 - 2018-07-13 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-01-02 16:06 - 2016-06-26 05:21 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\vlc
2020-01-01 11:45 - 2013-03-21 20:27 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Thunderbird
2019-12-31 16:16 - 2012-05-28 10:02 - 000000000 ____D C:\Program Files\JDownloader
2019-12-28 11:20 - 2019-09-12 11:22 - 000024064 _____ C:\Users\Kamil\AppData\Roaming\explorer.exe
2019-12-19 17:18 - 2017-04-25 13:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 09:02 - 2013-04-02 16:25 - 000001414 _____ C:\Users\Kamil\Desktop\Heslo.txt
2019-12-17 17:01 - 2013-03-14 09:16 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\PC Suite
2019-12-17 16:13 - 2019-09-19 15:37 - 000024064 _____ C:\Users\Kamil\AppData\Roaming\system32.exe
2019-12-17 15:47 - 2013-03-28 06:30 - 000000000 ____D C:\Users\Kamil\dwhelper
==================== Files in the root of some directories ========
2020-01-13 13:44 - 2020-01-13 13:44 - 000074240 _____ () C:\ProgramData\wininit.exe
2020-01-13 13:59 - 2020-01-13 13:59 - 000085504 _____ () C:\Users\Kamil\svchost.exe
2020-01-13 13:48 - 2020-01-13 13:48 - 000085504 _____ () C:\Users\Kamil\system.exe
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l2-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-localization-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-processthreads-l1-1-1.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-synch-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-timezone-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022280 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-convert-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-environment-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-filesystem-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000019208 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-heap-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-locale-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000028936 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-math-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000026376 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-multibyte-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022792 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-runtime-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-stdio-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-string-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-time-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-utility-l1-1-0.dll
2019-09-12 11:22 - 2019-12-28 11:20 - 000024064 _____ () C:\Users\Kamil\AppData\Roaming\explorer.exe
2019-09-20 06:14 - 2019-08-10 13:37 - 000453416 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\msvcp140.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 002696736 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\Roaming\nss3.dll
2019-09-12 12:34 - 2019-09-12 12:34 - 000471040 ____H () C:\Users\Kamil\AppData\Roaming\svchost.exe
2019-09-19 15:37 - 2019-12-17 16:13 - 000024064 _____ () C:\Users\Kamil\AppData\Roaming\system32.exe
2019-09-20 06:14 - 2019-08-10 13:37 - 001172232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\ucrtbase.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000082752 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\vcruntime140.dll
2019-08-18 17:41 - 2019-09-07 10:52 - 000032627 ___SH () C:\Users\Kamil\AppData\Roaming\windows.vbs
2015-10-27 18:05 - 2016-12-21 06:39 - 000057344 _____ () C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-20 14:11 - 2018-12-20 14:11 - 000002404 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel
2016-07-22 16:35 - 2019-03-11 09:47 - 000007622 _____ () C:\Users\Kamil\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-01-08 10:19
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-01-2020
Ran by Kamil (15-01-2020 12:27:07)
Running from C:\Users\Kamil\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2012-04-18 17:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3867848799-1210266518-3605795662-500 - Administrator - Disabled)
Guest (S-1-5-21-3867848799-1210266518-3605795662-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3867848799-1210266518-3605795662-1002 - Limited - Enabled)
Kamil (S-1-5-21-3867848799-1210266518-3605795662-1000 - Administrator - Enabled) => C:\Users\Kamil
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Adblock Plus pre IE (32-bitová verzia) (HKLM\...\{1C4B00CA-AA30-4A84-9BC0-1F4B52CB8A0A}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AIDA64 Extreme Edition v2.30 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
Aimersoft Helper Compact 2.5.1 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.1 - Aimersoft)
AIMP (HKLM\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Aktualizácie NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Any DVD Converter Professional 4.0.3 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Apowersoft Online Launcher version 1.4.6 (HKLM\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Apowersoft Video Konvertor V4.5.9 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.9 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač V6.4.6 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
ASUS Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.02.000.60 - ASUS Communications)
ASUS nVidia Driver (HKLM\...\{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}) (Version: 1.00.0000 - ASUSTek) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.61.1065 - AB Team, d.o.o.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (HKLM\...\{9E0E1E3B-229C-4CF9-8A39-4455477327E4}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
C4600_NCL_Help (HKLM\...\{F39AB038-876C-4FAE-8D40-6A21632BF92D}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.0 Build R3009 - Hagel Technologies Ltd)
Etron USB3.0 Host Controller (HKLM\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.00 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest III (HKLM\...\{34AF0799-8123-41BA-885A-BDEB157607F9}) (Version: 1.0.0 - LeeGTs Games)
LightScribe System Software (HKLM\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaCoder 2011 (HKLM\...\MediaCoder) (Version: 2011 - Broad Intelligence)
MediaInfo 0.7.48 (HKLM\...\MediaInfo) (Version: 0.7.48 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Encarta World Atlas 1998 Edition (HKLM\...\Encarta Virtual Globe 3.0) (Version: - )
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 68.3.1 (x86 cs)) (Version: 68.3.1 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Suite (HKLM\...\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}) (Version: 3.7.22.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Opera 11.51 (HKLM\...\Opera 11.51.1087) (Version: 11.51.1087 - Opera Software ASA)
Ovládací panel NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Počítačový prístup k internetu Nokia (HKLM\...\{653A52D8-127C-476D-BAD9-27117A3A4959}) (Version: 2.0.1.3 - Nokia) Hidden
Počítačový prístup k internetu Nokia (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia)
PS_AIO_05_C4600_Software_Min (HKLM\...\{1CA3A991-B03D-4C92-9922-315E5434E87B}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
RogueKiller version 14.0.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.0.4.0 - Adlice Software)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verzia 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Status (HKLM\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander Ultima Prime 4.5.0.0 (HKLM\...\TC UP) (Version: 4.5.0.0 - ULTIMA PRIME)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
UmmyVideoDownloader (HKLM\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.2.4 - ) <==== ATTENTION
Uninstall DS Clock (HKLM\...\DS Clock_is1) (Version: 1.5 - Duality Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix (HKLM\...\Usbfix) (Version: 9.001 - http://www.SOSVirus.Net)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Video Fixer 3.23 (HKLM\...\Video Fixer 3.23_is1) (Version: - video-fixer Inc.)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader\Help\ђусский.lnk -> C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_rus.pdf () <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2012-12-21 15:29 - 2012-12-21 15:29 - 000110080 _____ () [File not signed] C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
2008-01-30 18:08 - 2008-01-30 18:08 - 000160256 _____ () [File not signed] C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll
2012-04-18 19:46 - 2011-03-02 11:40 - 000140288 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2016-12-29 22:14 - 2016-12-29 22:15 - 000798771 _____ () [File not signed] C:\ProgramData\LangSoft\WebIE.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000287744 _____ () [File not signed] C:\ProgramData\Synaptics\libeay32.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000063488 _____ () [File not signed] C:\ProgramData\Synaptics\ssleay32.dll
2019-09-23 07:23 - 2020-01-15 11:44 - 000015360 ___SH () [File not signed] C:\ProgramData\Synaptics\XSynaptics.dll
2015-08-13 16:13 - 2016-10-14 19:34 - 001317960 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files\AIMP3\System\aimp_menu32.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000064672 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthCopyHook.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000033440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BPP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000037024 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTBIP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000040096 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStore.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000036000 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStoreOpp.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtObexFt.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTOBEXOP.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000154784 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\goep.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_bpp.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_SINGLE.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000101536 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\L2capLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000879776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\RfcommLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000244384 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000068768 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Sync.dll
2013-03-24 03:04 - 2007-10-15 15:18 - 000395264 _____ (Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\sqlite3.dll
2009-11-18 03:42 - 2009-11-18 03:42 - 000253568 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000217728 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000137344 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000044544 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-12-21 15:30 - 2012-12-21 15:30 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2013-08-17 08:15 - 2013-08-17 08:15 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-08-17 08:16 - 2013-08-17 08:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-12-21 15:28 - 2012-12-21 15:28 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8 [230]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [148]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [324]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\VDownloader;C:\Program Files\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: D: =>
MSCONFIG\startupreg: DU Meter => C:\Program Files\DU Meter\DUMeter.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FE7AC9CF-3561-47A5-B99A-69042B495B0B}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D7A9353B-05AF-41BB-AEC5-24E5A30E4BC9}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{F388A335-B65D-4EB0-9F4E-867A81A8DEB5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F60AC1A0-B039-4980-A08A-FC770460757C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB4E05BA-042A-4CCE-985A-2842E3FD6740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1B9D84F-D9C4-4F69-B7A7-8123CB72A58F}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC115943-2074-4D67-86FD-304E973A8A07}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{077124A8-39E9-4C48-8F68-258E5426535D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01E3A908-8988-414D-8EFA-76B4264EEF93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41A4F2EE-D814-434F-8059-6EEFE13045E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF38C8D-71CE-41FE-8CC7-D3F53D63EEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5C6334B-DDA4-4EBB-B509-0C3D816A18A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E0A802B-A8DE-4DAB-BC8C-BDF2CF4E4A93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E9B6AD04-798C-4BA7-88B4-C0D397E9A1DF}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AA1B92BD-0FF8-4665-88C0-3C0AA70918D8}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{73ACB86A-9ACB-49D1-B939-813CC1D16D71}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{598C2D51-05EE-4313-AB37-D8A4FE4BD351}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE6E99D3-D187-4BEE-9211-1ECBA00A910C}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89DD17C6-9B3B-4FD2-922E-092D68856D3E}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{649C8FDF-A5D3-4B69-872E-79D05B54C656}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{39CC2FED-E291-4825-9D17-04FD47F52A69}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B565FEC6-4AA6-43CC-BDAD-4765CE2475B9}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{7746F667-6FC9-48F5-9DF3-96B8BE3FB5D6}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{D4BFA56F-42DD-4729-BC10-7F5D568A0415}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9834E6EE-D943-4C3F-9CD6-C5E22428B2BF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2913477A-8313-4412-AD83-EB90BE61B927}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FC95DE93-382E-401E-B9FA-CA5E3763026C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{7BB1B054-2824-446D-BB61-56609EB37AC1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9CA61943-BBAE-4F24-BD93-D07CD82E5626}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D416DD57-4189-4309-A68B-043B1EBC022C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{713C67D3-8693-4AA7-BB8A-46A238724BF3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{44BA0745-1436-49E9-8F46-E07661FD8C6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) [File not signed]
FirewallRules: [{A5A5FD06-C66B-479C-99FB-3C34745CB483}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B4549B05-C21C-45C1-88DA-2CC7C746D3FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68C9AE4C-A7AF-4990-A530-B0F3E2C70A02}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{50C54499-3900-4437-B5EF-F0DC696F7BEA}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{F5E00402-58D3-4984-BA38-A7262B7E42BE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{07E7C946-C6CD-4426-84E6-E45A85CFD3D4}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{05BB745C-4079-4C1E-BAA2-EF970F6B72C0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{B183860A-0B39-4E91-A072-E790550A4384}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{99526F96-7CEF-41F3-A3BB-3A070F596371}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{551B6C6C-542A-4C44-BE40-E9F34A859164}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{770CBAE4-EE3F-4386-A4FC-E50CA29E48FD}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1614519-6472-4369-82DD-332040705988}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC265BB4-0A03-4C18-AF94-584A889A38FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-01-2020 20:11:02 Installed DirectX
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:45:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:07:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (01/15/2020 11:56:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:43:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:43:25 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 11:36:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:06:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:05:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:05:03 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 09:58:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
==================== Memory info ===========================
BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 85%
Total physical RAM: 3069.24 MB
Available physical RAM: 445.08 MB
Total Virtual: 6136.77 MB
Available Virtual: 1913.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.42 GB) (Free:37.53 GB) NTFS
Drive d: () (Fixed) (Total:1289.74 GB) (Free:22.11 GB) NTFS
\\?\Volume{bacf6a23-897a-11e1-a07a-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 809EDEEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1289.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-01-2020
Ran by Kamil (15-01-2020 12:27:07)
Running from C:\Users\Kamil\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2012-04-18 17:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3867848799-1210266518-3605795662-500 - Administrator - Disabled)
Guest (S-1-5-21-3867848799-1210266518-3605795662-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3867848799-1210266518-3605795662-1002 - Limited - Enabled)
Kamil (S-1-5-21-3867848799-1210266518-3605795662-1000 - Administrator - Enabled) => C:\Users\Kamil
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Adblock Plus pre IE (32-bitová verzia) (HKLM\...\{1C4B00CA-AA30-4A84-9BC0-1F4B52CB8A0A}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AIDA64 Extreme Edition v2.30 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
Aimersoft Helper Compact 2.5.1 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.1 - Aimersoft)
AIMP (HKLM\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Aktualizácie NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Any DVD Converter Professional 4.0.3 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Apowersoft Online Launcher version 1.4.6 (HKLM\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Apowersoft Video Konvertor V4.5.9 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.9 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač V6.4.6 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
ASUS Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.02.000.60 - ASUS Communications)
ASUS nVidia Driver (HKLM\...\{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}) (Version: 1.00.0000 - ASUSTek) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.61.1065 - AB Team, d.o.o.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (HKLM\...\{9E0E1E3B-229C-4CF9-8A39-4455477327E4}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
C4600_NCL_Help (HKLM\...\{F39AB038-876C-4FAE-8D40-6A21632BF92D}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.0 Build R3009 - Hagel Technologies Ltd)
Etron USB3.0 Host Controller (HKLM\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.00 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest III (HKLM\...\{34AF0799-8123-41BA-885A-BDEB157607F9}) (Version: 1.0.0 - LeeGTs Games)
LightScribe System Software (HKLM\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaCoder 2011 (HKLM\...\MediaCoder) (Version: 2011 - Broad Intelligence)
MediaInfo 0.7.48 (HKLM\...\MediaInfo) (Version: 0.7.48 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Encarta World Atlas 1998 Edition (HKLM\...\Encarta Virtual Globe 3.0) (Version: - )
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 68.3.1 (x86 cs)) (Version: 68.3.1 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Suite (HKLM\...\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}) (Version: 3.7.22.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Opera 11.51 (HKLM\...\Opera 11.51.1087) (Version: 11.51.1087 - Opera Software ASA)
Ovládací panel NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Počítačový prístup k internetu Nokia (HKLM\...\{653A52D8-127C-476D-BAD9-27117A3A4959}) (Version: 2.0.1.3 - Nokia) Hidden
Počítačový prístup k internetu Nokia (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia)
PS_AIO_05_C4600_Software_Min (HKLM\...\{1CA3A991-B03D-4C92-9922-315E5434E87B}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
RogueKiller version 14.0.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.0.4.0 - Adlice Software)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verzia 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Status (HKLM\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander Ultima Prime 4.5.0.0 (HKLM\...\TC UP) (Version: 4.5.0.0 - ULTIMA PRIME)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
UmmyVideoDownloader (HKLM\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.2.4 - ) <==== ATTENTION
Uninstall DS Clock (HKLM\...\DS Clock_is1) (Version: 1.5 - Duality Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix (HKLM\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Video Fixer 3.23 (HKLM\...\Video Fixer 3.23_is1) (Version: - video-fixer Inc.)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader\Help\ђусский.lnk -> C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_rus.pdf () <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2012-12-21 15:29 - 2012-12-21 15:29 - 000110080 _____ () [File not signed] C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
2008-01-30 18:08 - 2008-01-30 18:08 - 000160256 _____ () [File not signed] C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll
2012-04-18 19:46 - 2011-03-02 11:40 - 000140288 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2016-12-29 22:14 - 2016-12-29 22:15 - 000798771 _____ () [File not signed] C:\ProgramData\LangSoft\WebIE.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000287744 _____ () [File not signed] C:\ProgramData\Synaptics\libeay32.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000063488 _____ () [File not signed] C:\ProgramData\Synaptics\ssleay32.dll
2019-09-23 07:23 - 2020-01-15 11:44 - 000015360 ___SH () [File not signed] C:\ProgramData\Synaptics\XSynaptics.dll
2015-08-13 16:13 - 2016-10-14 19:34 - 001317960 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files\AIMP3\System\aimp_menu32.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000064672 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthCopyHook.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000033440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BPP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000037024 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTBIP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000040096 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStore.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000036000 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStoreOpp.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtObexFt.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTOBEXOP.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000154784 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\goep.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_bpp.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_SINGLE.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000101536 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\L2capLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000879776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\RfcommLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000244384 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000068768 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Sync.dll
2013-03-24 03:04 - 2007-10-15 15:18 - 000395264 _____ (Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\sqlite3.dll
2009-11-18 03:42 - 2009-11-18 03:42 - 000253568 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000217728 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000137344 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000044544 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-12-21 15:30 - 2012-12-21 15:30 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2013-08-17 08:15 - 2013-08-17 08:15 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-08-17 08:16 - 2013-08-17 08:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-12-21 15:28 - 2012-12-21 15:28 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8 [230]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [148]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [324]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\VDownloader;C:\Program Files\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: D: =>
MSCONFIG\startupreg: DU Meter => C:\Program Files\DU Meter\DUMeter.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FE7AC9CF-3561-47A5-B99A-69042B495B0B}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D7A9353B-05AF-41BB-AEC5-24E5A30E4BC9}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{F388A335-B65D-4EB0-9F4E-867A81A8DEB5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F60AC1A0-B039-4980-A08A-FC770460757C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB4E05BA-042A-4CCE-985A-2842E3FD6740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1B9D84F-D9C4-4F69-B7A7-8123CB72A58F}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC115943-2074-4D67-86FD-304E973A8A07}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{077124A8-39E9-4C48-8F68-258E5426535D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01E3A908-8988-414D-8EFA-76B4264EEF93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41A4F2EE-D814-434F-8059-6EEFE13045E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF38C8D-71CE-41FE-8CC7-D3F53D63EEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5C6334B-DDA4-4EBB-B509-0C3D816A18A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E0A802B-A8DE-4DAB-BC8C-BDF2CF4E4A93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E9B6AD04-798C-4BA7-88B4-C0D397E9A1DF}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AA1B92BD-0FF8-4665-88C0-3C0AA70918D8}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{73ACB86A-9ACB-49D1-B939-813CC1D16D71}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{598C2D51-05EE-4313-AB37-D8A4FE4BD351}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE6E99D3-D187-4BEE-9211-1ECBA00A910C}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89DD17C6-9B3B-4FD2-922E-092D68856D3E}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{649C8FDF-A5D3-4B69-872E-79D05B54C656}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{39CC2FED-E291-4825-9D17-04FD47F52A69}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B565FEC6-4AA6-43CC-BDAD-4765CE2475B9}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{7746F667-6FC9-48F5-9DF3-96B8BE3FB5D6}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{D4BFA56F-42DD-4729-BC10-7F5D568A0415}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9834E6EE-D943-4C3F-9CD6-C5E22428B2BF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2913477A-8313-4412-AD83-EB90BE61B927}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FC95DE93-382E-401E-B9FA-CA5E3763026C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{7BB1B054-2824-446D-BB61-56609EB37AC1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9CA61943-BBAE-4F24-BD93-D07CD82E5626}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D416DD57-4189-4309-A68B-043B1EBC022C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{713C67D3-8693-4AA7-BB8A-46A238724BF3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{44BA0745-1436-49E9-8F46-E07661FD8C6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) [File not signed]
FirewallRules: [{A5A5FD06-C66B-479C-99FB-3C34745CB483}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B4549B05-C21C-45C1-88DA-2CC7C746D3FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68C9AE4C-A7AF-4990-A530-B0F3E2C70A02}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{50C54499-3900-4437-B5EF-F0DC696F7BEA}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{F5E00402-58D3-4984-BA38-A7262B7E42BE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{07E7C946-C6CD-4426-84E6-E45A85CFD3D4}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{05BB745C-4079-4C1E-BAA2-EF970F6B72C0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{B183860A-0B39-4E91-A072-E790550A4384}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{99526F96-7CEF-41F3-A3BB-3A070F596371}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{551B6C6C-542A-4C44-BE40-E9F34A859164}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{770CBAE4-EE3F-4386-A4FC-E50CA29E48FD}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1614519-6472-4369-82DD-332040705988}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC265BB4-0A03-4C18-AF94-584A889A38FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-01-2020 20:11:02 Installed DirectX
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:45:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:07:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (01/15/2020 11:56:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:43:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:43:25 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 11:36:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:06:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:05:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:05:03 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 09:58:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
==================== Memory info ===========================
BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 85%
Total physical RAM: 3069.24 MB
Available physical RAM: 445.08 MB
Total Virtual: 6136.77 MB
Available Virtual: 1913.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.42 GB) (Free:37.53 GB) NTFS
Drive d: () (Fixed) (Total:1289.74 GB) (Free:22.11 GB) NTFS
\\?\Volume{bacf6a23-897a-11e1-a07a-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 809EDEEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1289.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
ked otvorim prehliadac Firefox alebo Chrome, tak mi zacne vyskakovat okno , aby som zadal udaje na Pay pal , neovladam kurzor a stale to prehadzuje, ako keby s tym niekto pracoval . Dalej sa mi zobrazi dialogove okno na ploche a vyziva ma na zadanie udajov ,, okno sa vola,, Hecker,, , musel som stiahnut daku haved .
Dakujem za pomoc !!!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2020
Ran by Kamil (administrator) on KAMIL-PC (Gigabyte Technology Co., Ltd. GA-990XA-UD3) (15-01-2020 12:25:31)
Running from C:\Users\Kamil\Desktop
Loaded Profiles: Kamil (Available Profiles: Kamil)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\ProgramData\wininit.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\70.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\command.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\Driver.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\chrome..exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\Microsoft\svchost.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\Secript.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\server.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\sovx.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\System64.exe
() [File not signed] C:\Users\Kamil\AppData\Local\Temp\tmpC0B2.tmp.exe
() [File not signed] C:\Users\Kamil\AppData\Roaming\explorer.exe
() [File not signed] C:\Users\Kamil\AppData\Roaming\svchost.exe
() [File not signed] C:\Users\Kamil\AppData\Roaming\system32.exe
() [File not signed] C:\Users\Kamil\svchost.exe
() [File not signed] C:\Users\Kamil\system.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Home Theater v4\pcee4.exe
(Duality Software) [File not signed] C:\Program Files\DS Clock\dsclock.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Hagel Technologies Ltd -> Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\DUMeterSvc.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Kamil\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics) [File not signed] C:\ProgramData\Synaptics\Synaptics.exe
(word file) [File not signed] C:\Users\Kamil\AppData\Local\Temp\Client.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10807912 2011-08-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-08-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Dolby Home Theater v4] => C:\Program Files\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [8424898cc4c927994d288319a361b825] => "C:\Users\Kamil\AppData\Roaming\skype.exe" ..
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-01] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [windows] => wscript.exe //B "C:\Users\Kamil\AppData\Roaming\windows.vbs"
HKLM\...\Run: [1998035b685796d01f79197bd5bee7fb] => C:\Users\Kamil\AppData\Local\Temp\chrome..exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKLM\...\Run: [2c7998d77330dbd296a15992ba62701a] => C:\Users\Kamil\AppData\Roaming\explorer.exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKLM\...\Run: [3faffb3040aea7f7d7747271c38ce627] => C:\Users\Kamil\AppData\Roaming\svchost.exe .. [471040 2019-09-12] () [File not signed] <==== ATTENTION
HKLM\...\Run: [3933254291d429c757f15b8b22ecccf6] => C:\Users\Kamil\AppData\Roaming\system32.exe .. [24064 2019-12-17] () [File not signed]
HKLM\...\Run: [tmp79D8] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp79D8.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [8914f0ae732a4b8ccda2a57450603ccd] => C:\Users\Kamil\AppData\Local\Temp\70.exe .. [37888 2019-12-19] () [File not signed] <==== ATTENTION
HKLM\...\Run: [tmp3AEC] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp3AEC.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [tmp5169] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp5169.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [d620e348213b3bb3ba0246f26b9e96bc] => C:\Users\Kamil\AppData\Local\Temp\server.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKLM\...\Run: [85a1b87c506616a2e533f865475870fe] => C:\Users\Kamil\AppData\Local\Temp\Driver.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKLM\...\Run: [5395d531b1a96d36e1aed6f156c1abfc] => C:\Users\Kamil\AppData\Local\Temp\command.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKLM\...\Run: [270bc2a14df607672c960a7955ac47ec] => C:\Users\Kamil\AppData\Local\Temp\System64.exe .. [92160 2020-01-15] () [File not signed] <==== ATTENTION
HKLM\...\Run: [tmp7796] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp7796.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [tmp44A5] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp44A5.tmp.vbs" <==== ATTENTION
HKLM\...\Run: [ef68944d54e8b4aa938a84cf943af21e] => C:\Users\Kamil\AppData\Local\Temp\sovx.exe .. [24064 2020-01-12] () [File not signed] <==== ATTENTION
HKLM\...\Run: [2d719acf32f95a0babd6cce10e7d02bd] => C:\ProgramData\wininit.exe .. [74240 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [954275c2a385362432d4f13360ed1ff4] => C:\Users\Kamil\system.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [1026470df5385af8d83ee7e2514c8469] => C:\Users\Kamil\AppData\Local\Temp\tmpC0B2.tmp.exe .. [45568 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [cebb308efb152afa9b7e187490cc3a9a] => C:\Users\Kamil\svchost.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\Run: [b79c121d18108351cf2b69076b3385be] => C:\Users\Kamil\AppData\Local\Temp\Secript.exe .. [119808 2020-01-13] () [File not signed] <==== ATTENTION
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.sk/sk.special-uninstallation-fe ... sxLVRSTTMy (the data entry has 68 more characters).
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [DS Clock] => C:\Program Files\DS Clock\dsclock.exe [323584 2003-06-06] (Duality Software) [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [] => [X]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [BingSvc] => C:\Users\Kamil\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [8424898cc4c927994d288319a361b825] => "C:\Users\Kamil\AppData\Roaming\skype.exe" ..
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia -> Nokia)
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [windows] => wscript.exe //B "C:\Users\Kamil\AppData\Roaming\windows.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [1998035b685796d01f79197bd5bee7fb] => C:\Users\Kamil\AppData\Local\Temp\chrome..exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [2c7998d77330dbd296a15992ba62701a] => C:\Users\Kamil\AppData\Roaming\explorer.exe .. [24064 2019-12-28] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [3faffb3040aea7f7d7747271c38ce627] => C:\Users\Kamil\AppData\Roaming\svchost.exe .. [471040 2019-09-12] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [Synaptics Pointing Device Driver] => C:\ProgramData\Synaptics\Synaptics.exe [771584 2019-09-19] (Synaptics) [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [3933254291d429c757f15b8b22ecccf6] => C:\Users\Kamil\AppData\Roaming\system32.exe .. [24064 2019-12-17] () [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [Windows Updates] => C:\Users\Kamil\AppData\Roaming\Microsoft\Updates\winlogon.vbs [235 2019-07-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp79D8] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp79D8.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [8914f0ae732a4b8ccda2a57450603ccd] => C:\Users\Kamil\AppData\Local\Temp\70.exe .. [37888 2019-12-19] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp3AEC] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp3AEC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp5169] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp5169.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [System32] => C:\Users\Kamil\AppData\Local\Temp\Client.exe [54272 2019-11-10] (word file) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [34d91dfb34a7283483d0aaba9d10147d] => C:\Users\Kamil\AppData\Local\Temp\Microsoft\svchost.exe [41472 2019-11-10] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [d620e348213b3bb3ba0246f26b9e96bc] => C:\Users\Kamil\AppData\Local\Temp\server.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [85a1b87c506616a2e533f865475870fe] => C:\Users\Kamil\AppData\Local\Temp\Driver.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [5395d531b1a96d36e1aed6f156c1abfc] => C:\Users\Kamil\AppData\Local\Temp\command.exe .. [24064 2020-01-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [270bc2a14df607672c960a7955ac47ec] => C:\Users\Kamil\AppData\Local\Temp\System64.exe .. [92160 2020-01-15] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp7796] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp7796.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [tmp44A5] => wscript.exe //B "C:\Users\Kamil\AppData\Local\Temp\tmp44A5.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [ef68944d54e8b4aa938a84cf943af21e] => C:\Users\Kamil\AppData\Local\Temp\sovx.exe .. [24064 2020-01-12] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [2d719acf32f95a0babd6cce10e7d02bd] => C:\ProgramData\wininit.exe .. [74240 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [954275c2a385362432d4f13360ed1ff4] => C:\Users\Kamil\system.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [1026470df5385af8d83ee7e2514c8469] => C:\Users\Kamil\AppData\Local\Temp\tmpC0B2.tmp.exe .. [45568 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [cebb308efb152afa9b7e187490cc3a9a] => C:\Users\Kamil\svchost.exe .. [85504 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [b79c121d18108351cf2b69076b3385be] => C:\Users\Kamil\AppData\Local\Temp\Secript.exe .. [119808 2020-01-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files\Common Files\LightScribe\LSRunOnce.exe [2010-06-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1026470df5385af8d83ee7e2514c8469.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1998035b685796d01f79197bd5bee7fb.exe [2019-12-28] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\270bc2a14df607672c960a7955ac47ec.exe [2020-01-15] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2c7998d77330dbd296a15992ba62701a.exe [2019-12-28] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2d719acf32f95a0babd6cce10e7d02bd.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3933254291d429c757f15b8b22ecccf6.exe [2019-12-17] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3faffb3040aea7f7d7747271c38ce627.exe [2019-09-12] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8914f0ae732a4b8ccda2a57450603ccd.exe [2019-12-19] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\954275c2a385362432d4f13360ed1ff4.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cebb308efb152afa9b7e187490cc3a9a.exe [2020-01-13] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d620e348213b3bb3ba0246f26b9e96bc.exe [2020-01-08] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe [2019-11-10] () [File not signed] <==== ATTENTION
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AEC.tmp.vbs [2019-11-10] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp44A5.tmp.vbs [2020-01-10] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp5169.tmp.vbs [2019-11-10] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp7796.tmp.vbs [2020-01-09] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp79D8.tmp.vbs [2019-09-30] () [File not signed]
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.vbs [2017-01-14] () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0922236E-AFED-405F-96A5-56679736A1B7} - System32\Tasks\Driver Booster SkipUAC (Kamil) => C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {1744284E-D72B-4FB5-8F75-383DCA0AA80D} - System32\Tasks\{6D875A5B-0703-47AD-919B-1C85F19B83F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\TC UP\TC UP.exe" -d "C:\Program Files\TC UP"
Task: {28DE678F-CAA4-43CC-92FD-F915E0ABB696} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {32EAC19F-04CD-4F4A-966B-A0E20DCEA134} - System32\Tasks\sssssssss => C:\Users\Kamil\Music\nn.exe
Task: {3CCC4B84-C260-4A35-A8F4-4148C2BBE5A4} - System32\Tasks\System32 => C:\Users\Kamil\AppData\Local\Temp\Client.exe [54272 2019-11-10] (word file) [File not signed] <==== ATTENTION
Task: {679C185F-C174-41DA-B645-3EAAE5A7E7C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-28] (Google Inc -> Google Inc.)
Task: {718002DC-441E-45EF-A7D3-EC99CCC112D6} - System32\Tasks\{6A9A6746-189F-40E9-866D-A794DD628277} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\VideoDownloaderUltimateWinApp\Uninstall.exe
Task: {87A65AD8-152C-439B-B8F5-EB8507425E69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-15] (Adobe Inc. -> Adobe)
Task: {8E437444-E35F-4313-8BC8-91FD1DE2C911} - System32\Tasks\{2F53AFB3-BF87-41BA-9906-924B8988776D} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\VideoDownloaderUltimateWinApp\Uninstall.exe
Task: {8E4DD813-46BA-4117-A16C-34C045517E55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-28] (Google Inc -> Google Inc.)
Task: {907DBFB6-690F-4BD0-9CF1-E8AE3E9867B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {96CCE673-A4E1-48EE-8E1D-33CD41B8B1C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {9D863C86-5BED-43A8-87BD-7F9DF0AFBE9D} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [77824 2008-06-27] () [File not signed]
Task: {C713DE78-1CB1-46C1-BD1B-68B1E44966E9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {E719B26C-D23E-4B45-A96D-B6635B79C680} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-15] (Adobe Inc. -> Adobe)
Task: {F05BF5B5-2F80-424B-9587-06EBEC1B3A25} - System32\Tasks\{F6C0A0DD-0931-4144-8E4C-FC5BD8DE0259} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\VideoDownloaderUltimateWinApp\Uninstall.exe
Task: {FDBB164E-D8D9-48CF-9F1B-AAB7909490AF} - System32\Tasks\{3AE4C49B-AF29-4392-8EA2-B09B36DB8B5F} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{7CE69006-A9F5-4F2A-9FC9-BA743A4AF9ED}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D620EBB2-40AB-4CB4-B107-5F6BCF8B53C0}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\ProgramData\LangSoft\WebIE.dll [2016-12-29] () [File not signed]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2016-12-29] () [File not signed]
Handler: WSKVAllmytubechrome - No CLSID Value -
FireFox:
========
FF DefaultProfile: ht3jbfth.default-1368257689736
FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736 [2020-01-15]
FF DownloadDir: C:\Users\Kamil\Downloads
FF Homepage: Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736 -> hxxp://www.google.sk/
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-02] [Legacy]
FF Extension: (Video Downloader professional) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\ffext_basicvideoext@startpage24.xpi [2018-10-13]
FF Extension: (YouTube mp3) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\info@youtube-mp3.org.xpi [2017-01-03] [Legacy]
FF Extension: (Translate This!) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2017-01-03] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-30]
FF Extension: (Google™ Translator) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2017-01-01] [Legacy]
FF Extension: (Translator Widget) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-Gz4hrxvpY3RFJw@jetpack.xpi [2017-02-20] [Legacy]
FF Extension: (AdBlock) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-10-13]
FF Extension: (S3.Translator) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\s3google@translator.xpi [2018-10-13]
FF Extension: (Google Translator for Firefox) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\translator@zoli.bod.xpi [2019-12-14]
FF Extension: (Stylus Blue) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-03-21]
FF Extension: (walnut) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{192acb99-bee0-4373-9d46-09b18ad6fba9}.xpi [2019-03-28]
FF Extension: (Autumn Forest) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{46e6b376-15af-4ceb-8ac0-4820dd7e19d4}.xpi [2019-03-28]
FF Extension: (Grungedpaper) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{91ef5856-a93b-4a8a-b102-909b6f6865e9}.xpi [2019-03-21]
FF Extension: (rustic walnut) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{a91e51b1-7ed9-4087-8dce-4f1d42436be8}.xpi [2019-03-21]
FF Extension: (Video DownloadHelper) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-24]
FF Extension: (Online Translator Toolbar) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi [2017-02-20] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-13]
FF Extension: (Spring and Swallows) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{decd5f4c-bc93-4cc3-a305-0221fa9420c7}.xpi [2019-03-28]
FF SearchPlugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\searchplugins\bing-.xml [2016-12-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2017-07-12] [Legacy] [not signed]
FF HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] (Nokia -> )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2020-01-15]
CHR Extension: (Prekladač Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Speed Test) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeghledigokaedmpimgnfplidhdhlchg [2017-12-12]
CHR Extension: (internet Download Manager For Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blhjobkfabeopalncconblmakfcllmhk [2017-09-24]
CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-30]
CHR Extension: (Google Search) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-18]
CHR Extension: (S3.Translator) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2019-12-15]
CHR Extension: (Social Network Adblocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgjckeibmdfndlflobjhddhmemajjld [2018-11-22]
CHR Extension: (Translate Selected Text) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2017-06-24]
CHR Extension: (uBlock Adblock Plus) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdecnmmdccnkogcidionikojplkjfgie [2017-07-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-19]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2019-12-31]
CHR Extension: (Skype) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-12]
CHR Extension: (Video DownloadHelper) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-06-26]
CHR Extension: (Kontrola pošty Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Hover Zoom+) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [72864 2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1382672 2007-10-15] (Hagel Technologies Ltd -> Hagel Technologies Ltd) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2905656 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2018360 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2012-04-19] (Even Balance, Inc. -> )
R3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14155832 2020-01-06] (Adlice -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2017-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2011-03-01] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2020-01-08] (Tages SA -> )
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-03-28] (IVT CORPORATION -> IVT Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG -> Elaborate Bytes AG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [51328 2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [71552 2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [92032 2007-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-03-12] (Martin Malik - REALiX -> REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2020-01-08] (Tages SA -> )
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27704 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [171072 2016-10-06] (WDKTestCert charles-yeh,131069736795923936 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2012-04-19] (Duplex Secure Ltd -> Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2020-01-15] (Adlice -> )
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WsAudioDevice_383; C:\Windows\System32\drivers\WsAudioDevice_383.sys [25632 2016-02-29] (Wondershare Software Co., Ltd. -> Wondershare)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-15 12:25 - 2020-01-15 12:26 - 000042742 _____ C:\Users\Kamil\Desktop\FRST.txt
2020-01-15 12:25 - 2020-01-15 12:26 - 000000000 ____D C:\FRST
2020-01-15 12:25 - 2020-01-15 12:25 - 002303488 ___SH (Farbar) C:\Users\Kamil\Desktop\._cache_FRST.exe
2020-01-15 12:21 - 2020-01-15 12:19 - 003077632 _____ (Synaptics) C:\Users\Kamil\Desktop\FRST.exe
2020-01-15 12:19 - 2020-01-15 12:19 - 003077632 ____N (Synaptics) C:\Users\Kamil\Downloads\FRST.exe
2020-01-15 12:09 - 2020-01-15 12:09 - 000001005 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-01-15 12:09 - 2020-01-15 12:09 - 000001005 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-01-15 12:02 - 2020-01-15 12:06 - 046292096 _____ (Adlice Software ) C:\Users\Kamil\Downloads\RogueKiller_setup.exe
2020-01-15 11:19 - 2020-01-15 11:19 - 000000000 ____D C:\ESD
2020-01-15 11:16 - 2020-01-15 11:44 - 020028928 ____N (Synaptics) C:\Users\Kamil\Downloads\MediaCreationTool1909.exe
2020-01-15 11:16 - 2020-01-15 11:16 - 000000000 ___HD C:\$Windows.~WS
2020-01-15 11:16 - 2020-01-15 11:16 - 000000000 ____D C:\$WINDOWS.~BT
2020-01-15 11:06 - 2020-01-15 11:44 - 006279168 ____N (Synaptics) C:\Users\Kamil\Downloads\eset_nod32_antivirus_live_installer (1).exe
2020-01-15 11:01 - 2020-01-15 11:05 - 006279168 ____N (Synaptics) C:\Users\Kamil\Downloads\eset_nod32_antivirus_live_installer(1).exe
2020-01-15 10:59 - 2020-01-15 11:05 - 006279168 ____N (Synaptics) C:\Users\Kamil\Downloads\eset_nod32_antivirus_live_installer.exe
2020-01-13 13:59 - 2020-01-13 13:59 - 000085504 _____ C:\Users\Kamil\svchost.exe
2020-01-13 13:48 - 2020-01-13 13:48 - 000085504 _____ C:\Users\Kamil\system.exe
2020-01-13 13:44 - 2020-01-13 13:44 - 000074240 _____ C:\ProgramData\wininit.exe
2020-01-08 20:50 - 2020-01-08 20:50 - 050540001 ___SH C:\Users\Kamil\Desktop\._cache_An1404.exe
2020-01-08 20:12 - 2020-01-08 20:12 - 000000000 ____D C:\ProgramData\Tages
2020-01-08 20:11 - 2020-01-08 20:11 - 000281760 _____ C:\Windows\system32\Drivers\atksgt.sys
2020-01-08 20:11 - 2020-01-08 20:11 - 000025888 _____ C:\Windows\system32\Drivers\lirsgt.sys
2020-01-08 20:11 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-01-08 20:11 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-01-08 20:11 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-01-08 20:11 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-01-08 20:11 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2020-01-08 20:11 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-01-08 20:11 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-01-08 20:11 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-01-08 20:11 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-01-08 20:11 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-01-08 20:11 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-01-08 20:11 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-01-08 20:11 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-01-08 20:11 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2020-01-08 20:11 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-01-08 20:11 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-01-08 20:11 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-01-08 20:11 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2020-01-08 20:11 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-01-08 20:11 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2020-01-08 20:11 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-01-08 20:11 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-01-08 20:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-01-08 20:11 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-01-08 20:11 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-01-08 20:11 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-01-08 20:11 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-01-08 20:11 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2020-01-08 20:11 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-01-08 20:11 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-01-08 20:11 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-01-08 20:11 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-01-08 20:11 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-01-08 20:11 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-01-08 20:11 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-01-08 20:11 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-01-08 20:11 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-01-08 20:08 - 2020-01-08 20:08 - 000000000 ____D C:\Program Files\Ubisoft
2020-01-07 13:25 - 2020-01-07 13:25 - 000054842 _____ C:\Users\Kamil\Downloads\3620003683.pdf
2019-12-31 12:40 - 2019-12-31 12:40 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Sun
2019-12-31 12:40 - 2019-12-31 12:40 - 000000000 ____D C:\Program Files\Common Files\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000112696 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\Program Files\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-12-17 16:08 - 2019-12-17 16:13 - 001590784 ____N (Synaptics) C:\Users\Kamil\Downloads\VideoDownloader-[1463353425.1576595305,691,yt-bcnWysA9gxo,,].exe
2019-12-16 11:12 - 2019-12-16 11:12 - 000000173 _____ C:\Users\Kamil\Desktop\Jednota.txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-15 12:11 - 2015-03-21 10:07 - 000024688 _____ C:\Windows\system32\Drivers\truesight.sys
2020-01-15 12:09 - 2015-08-27 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-01-15 12:09 - 2015-08-27 23:54 - 000000000 ____D C:\Program Files\RogueKiller
2020-01-15 12:09 - 2015-03-21 10:07 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-15 11:59 - 2016-12-13 15:38 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Mozilla
2020-01-15 11:56 - 2010-11-20 22:01 - 000008582 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-15 11:50 - 2009-07-14 05:34 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-15 11:50 - 2009-07-14 05:34 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-15 11:44 - 2019-03-22 07:33 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2020-01-15 11:44 - 2019-03-22 07:33 - 000000035 _____ C:\ProgramData\Documents\AtherosServiceConfig.ini
2020-01-15 11:43 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-15 11:39 - 2012-04-18 19:27 - 000000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA.job
2020-01-15 11:16 - 2012-04-18 19:19 - 000000000 ____D C:\Windows\Panther
2020-01-15 11:05 - 2019-09-19 15:38 - 000000000 __SHD C:\Users\Kamil\AppData\Roaming\WinSl
2020-01-15 11:05 - 2017-04-25 11:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-15 11:05 - 2017-03-29 04:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-15 11:05 - 2012-04-18 19:27 - 000000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core.job
2020-01-15 10:58 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-01-15 09:18 - 2018-03-13 23:18 - 000004462 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-15 09:18 - 2012-07-19 15:59 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-01-15 09:18 - 2012-07-19 15:59 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-01-15 09:18 - 2012-07-19 15:59 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-15 09:18 - 2012-07-19 15:59 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-13 13:59 - 2012-04-18 18:26 - 000000000 ____D C:\Users\Kamil
2020-01-12 13:34 - 2012-04-19 15:22 - 000183112 _____ C:\Windows\system32\PnkBstrB.exe
2020-01-12 13:34 - 2012-04-19 15:22 - 000138184 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2020-01-09 05:25 - 2017-03-28 16:19 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 20:53 - 2012-04-18 18:32 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2020-01-08 20:53 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-01-04 06:05 - 2014-11-25 19:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-01-03 14:11 - 2018-07-13 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-01-02 16:06 - 2016-06-26 05:21 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\vlc
2020-01-01 11:45 - 2013-03-21 20:27 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Thunderbird
2019-12-31 16:16 - 2012-05-28 10:02 - 000000000 ____D C:\Program Files\JDownloader
2019-12-28 11:20 - 2019-09-12 11:22 - 000024064 _____ C:\Users\Kamil\AppData\Roaming\explorer.exe
2019-12-19 17:18 - 2017-04-25 13:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 09:02 - 2013-04-02 16:25 - 000001414 _____ C:\Users\Kamil\Desktop\Heslo.txt
2019-12-17 17:01 - 2013-03-14 09:16 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\PC Suite
2019-12-17 16:13 - 2019-09-19 15:37 - 000024064 _____ C:\Users\Kamil\AppData\Roaming\system32.exe
2019-12-17 15:47 - 2013-03-28 06:30 - 000000000 ____D C:\Users\Kamil\dwhelper
==================== Files in the root of some directories ========
2020-01-13 13:44 - 2020-01-13 13:44 - 000074240 _____ () C:\ProgramData\wininit.exe
2020-01-13 13:59 - 2020-01-13 13:59 - 000085504 _____ () C:\Users\Kamil\svchost.exe
2020-01-13 13:48 - 2020-01-13 13:48 - 000085504 _____ () C:\Users\Kamil\system.exe
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l2-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-localization-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-processthreads-l1-1-1.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-synch-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-timezone-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022280 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-convert-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-environment-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-filesystem-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000019208 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-heap-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-locale-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000028936 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-math-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000026376 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-multibyte-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022792 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-runtime-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-stdio-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-string-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-time-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-utility-l1-1-0.dll
2019-09-12 11:22 - 2019-12-28 11:20 - 000024064 _____ () C:\Users\Kamil\AppData\Roaming\explorer.exe
2019-09-20 06:14 - 2019-08-10 13:37 - 000453416 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\msvcp140.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 002696736 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\Roaming\nss3.dll
2019-09-12 12:34 - 2019-09-12 12:34 - 000471040 ____H () C:\Users\Kamil\AppData\Roaming\svchost.exe
2019-09-19 15:37 - 2019-12-17 16:13 - 000024064 _____ () C:\Users\Kamil\AppData\Roaming\system32.exe
2019-09-20 06:14 - 2019-08-10 13:37 - 001172232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\ucrtbase.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000082752 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\vcruntime140.dll
2019-08-18 17:41 - 2019-09-07 10:52 - 000032627 ___SH () C:\Users\Kamil\AppData\Roaming\windows.vbs
2015-10-27 18:05 - 2016-12-21 06:39 - 000057344 _____ () C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-20 14:11 - 2018-12-20 14:11 - 000002404 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel
2016-07-22 16:35 - 2019-03-11 09:47 - 000007622 _____ () C:\Users\Kamil\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-01-08 10:19
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-01-2020
Ran by Kamil (15-01-2020 12:27:07)
Running from C:\Users\Kamil\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2012-04-18 17:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3867848799-1210266518-3605795662-500 - Administrator - Disabled)
Guest (S-1-5-21-3867848799-1210266518-3605795662-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3867848799-1210266518-3605795662-1002 - Limited - Enabled)
Kamil (S-1-5-21-3867848799-1210266518-3605795662-1000 - Administrator - Enabled) => C:\Users\Kamil
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Adblock Plus pre IE (32-bitová verzia) (HKLM\...\{1C4B00CA-AA30-4A84-9BC0-1F4B52CB8A0A}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AIDA64 Extreme Edition v2.30 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
Aimersoft Helper Compact 2.5.1 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.1 - Aimersoft)
AIMP (HKLM\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Aktualizácie NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Any DVD Converter Professional 4.0.3 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Apowersoft Online Launcher version 1.4.6 (HKLM\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Apowersoft Video Konvertor V4.5.9 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.9 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač V6.4.6 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
ASUS Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.02.000.60 - ASUS Communications)
ASUS nVidia Driver (HKLM\...\{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}) (Version: 1.00.0000 - ASUSTek) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.61.1065 - AB Team, d.o.o.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (HKLM\...\{9E0E1E3B-229C-4CF9-8A39-4455477327E4}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
C4600_NCL_Help (HKLM\...\{F39AB038-876C-4FAE-8D40-6A21632BF92D}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.0 Build R3009 - Hagel Technologies Ltd)
Etron USB3.0 Host Controller (HKLM\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.00 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest III (HKLM\...\{34AF0799-8123-41BA-885A-BDEB157607F9}) (Version: 1.0.0 - LeeGTs Games)
LightScribe System Software (HKLM\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaCoder 2011 (HKLM\...\MediaCoder) (Version: 2011 - Broad Intelligence)
MediaInfo 0.7.48 (HKLM\...\MediaInfo) (Version: 0.7.48 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Encarta World Atlas 1998 Edition (HKLM\...\Encarta Virtual Globe 3.0) (Version: - )
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 68.3.1 (x86 cs)) (Version: 68.3.1 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Suite (HKLM\...\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}) (Version: 3.7.22.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Opera 11.51 (HKLM\...\Opera 11.51.1087) (Version: 11.51.1087 - Opera Software ASA)
Ovládací panel NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Počítačový prístup k internetu Nokia (HKLM\...\{653A52D8-127C-476D-BAD9-27117A3A4959}) (Version: 2.0.1.3 - Nokia) Hidden
Počítačový prístup k internetu Nokia (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia)
PS_AIO_05_C4600_Software_Min (HKLM\...\{1CA3A991-B03D-4C92-9922-315E5434E87B}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
RogueKiller version 14.0.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.0.4.0 - Adlice Software)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verzia 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Status (HKLM\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander Ultima Prime 4.5.0.0 (HKLM\...\TC UP) (Version: 4.5.0.0 - ULTIMA PRIME)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
UmmyVideoDownloader (HKLM\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.2.4 - ) <==== ATTENTION
Uninstall DS Clock (HKLM\...\DS Clock_is1) (Version: 1.5 - Duality Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix (HKLM\...\Usbfix) (Version: 9.001 - http://www.SOSVirus.Net)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Video Fixer 3.23 (HKLM\...\Video Fixer 3.23_is1) (Version: - video-fixer Inc.)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader\Help\ђусский.lnk -> C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_rus.pdf () <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2012-12-21 15:29 - 2012-12-21 15:29 - 000110080 _____ () [File not signed] C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
2008-01-30 18:08 - 2008-01-30 18:08 - 000160256 _____ () [File not signed] C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll
2012-04-18 19:46 - 2011-03-02 11:40 - 000140288 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2016-12-29 22:14 - 2016-12-29 22:15 - 000798771 _____ () [File not signed] C:\ProgramData\LangSoft\WebIE.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000287744 _____ () [File not signed] C:\ProgramData\Synaptics\libeay32.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000063488 _____ () [File not signed] C:\ProgramData\Synaptics\ssleay32.dll
2019-09-23 07:23 - 2020-01-15 11:44 - 000015360 ___SH () [File not signed] C:\ProgramData\Synaptics\XSynaptics.dll
2015-08-13 16:13 - 2016-10-14 19:34 - 001317960 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files\AIMP3\System\aimp_menu32.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000064672 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthCopyHook.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000033440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BPP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000037024 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTBIP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000040096 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStore.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000036000 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStoreOpp.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtObexFt.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTOBEXOP.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000154784 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\goep.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_bpp.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_SINGLE.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000101536 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\L2capLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000879776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\RfcommLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000244384 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000068768 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Sync.dll
2013-03-24 03:04 - 2007-10-15 15:18 - 000395264 _____ (Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\sqlite3.dll
2009-11-18 03:42 - 2009-11-18 03:42 - 000253568 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000217728 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000137344 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000044544 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-12-21 15:30 - 2012-12-21 15:30 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2013-08-17 08:15 - 2013-08-17 08:15 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-08-17 08:16 - 2013-08-17 08:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-12-21 15:28 - 2012-12-21 15:28 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8 [230]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [148]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [324]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\VDownloader;C:\Program Files\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: D: =>
MSCONFIG\startupreg: DU Meter => C:\Program Files\DU Meter\DUMeter.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FE7AC9CF-3561-47A5-B99A-69042B495B0B}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D7A9353B-05AF-41BB-AEC5-24E5A30E4BC9}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{F388A335-B65D-4EB0-9F4E-867A81A8DEB5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F60AC1A0-B039-4980-A08A-FC770460757C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB4E05BA-042A-4CCE-985A-2842E3FD6740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1B9D84F-D9C4-4F69-B7A7-8123CB72A58F}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC115943-2074-4D67-86FD-304E973A8A07}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{077124A8-39E9-4C48-8F68-258E5426535D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01E3A908-8988-414D-8EFA-76B4264EEF93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41A4F2EE-D814-434F-8059-6EEFE13045E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF38C8D-71CE-41FE-8CC7-D3F53D63EEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5C6334B-DDA4-4EBB-B509-0C3D816A18A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E0A802B-A8DE-4DAB-BC8C-BDF2CF4E4A93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E9B6AD04-798C-4BA7-88B4-C0D397E9A1DF}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AA1B92BD-0FF8-4665-88C0-3C0AA70918D8}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{73ACB86A-9ACB-49D1-B939-813CC1D16D71}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{598C2D51-05EE-4313-AB37-D8A4FE4BD351}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE6E99D3-D187-4BEE-9211-1ECBA00A910C}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89DD17C6-9B3B-4FD2-922E-092D68856D3E}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{649C8FDF-A5D3-4B69-872E-79D05B54C656}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{39CC2FED-E291-4825-9D17-04FD47F52A69}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B565FEC6-4AA6-43CC-BDAD-4765CE2475B9}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{7746F667-6FC9-48F5-9DF3-96B8BE3FB5D6}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{D4BFA56F-42DD-4729-BC10-7F5D568A0415}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9834E6EE-D943-4C3F-9CD6-C5E22428B2BF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2913477A-8313-4412-AD83-EB90BE61B927}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FC95DE93-382E-401E-B9FA-CA5E3763026C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{7BB1B054-2824-446D-BB61-56609EB37AC1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9CA61943-BBAE-4F24-BD93-D07CD82E5626}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D416DD57-4189-4309-A68B-043B1EBC022C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{713C67D3-8693-4AA7-BB8A-46A238724BF3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{44BA0745-1436-49E9-8F46-E07661FD8C6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) [File not signed]
FirewallRules: [{A5A5FD06-C66B-479C-99FB-3C34745CB483}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B4549B05-C21C-45C1-88DA-2CC7C746D3FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68C9AE4C-A7AF-4990-A530-B0F3E2C70A02}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{50C54499-3900-4437-B5EF-F0DC696F7BEA}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{F5E00402-58D3-4984-BA38-A7262B7E42BE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{07E7C946-C6CD-4426-84E6-E45A85CFD3D4}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{05BB745C-4079-4C1E-BAA2-EF970F6B72C0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{B183860A-0B39-4E91-A072-E790550A4384}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{99526F96-7CEF-41F3-A3BB-3A070F596371}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{551B6C6C-542A-4C44-BE40-E9F34A859164}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{770CBAE4-EE3F-4386-A4FC-E50CA29E48FD}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1614519-6472-4369-82DD-332040705988}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC265BB4-0A03-4C18-AF94-584A889A38FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-01-2020 20:11:02 Installed DirectX
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:45:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:07:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (01/15/2020 11:56:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:43:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:43:25 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 11:36:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:06:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:05:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:05:03 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 09:58:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
==================== Memory info ===========================
BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 85%
Total physical RAM: 3069.24 MB
Available physical RAM: 445.08 MB
Total Virtual: 6136.77 MB
Available Virtual: 1913.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.42 GB) (Free:37.53 GB) NTFS
Drive d: () (Fixed) (Total:1289.74 GB) (Free:22.11 GB) NTFS
\\?\Volume{bacf6a23-897a-11e1-a07a-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 809EDEEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1289.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-01-2020
Ran by Kamil (15-01-2020 12:27:07)
Running from C:\Users\Kamil\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2012-04-18 17:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3867848799-1210266518-3605795662-500 - Administrator - Disabled)
Guest (S-1-5-21-3867848799-1210266518-3605795662-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3867848799-1210266518-3605795662-1002 - Limited - Enabled)
Kamil (S-1-5-21-3867848799-1210266518-3605795662-1000 - Administrator - Enabled) => C:\Users\Kamil
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Adblock Plus pre IE (32-bitová verzia) (HKLM\...\{1C4B00CA-AA30-4A84-9BC0-1F4B52CB8A0A}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AIDA64 Extreme Edition v2.30 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
Aimersoft Helper Compact 2.5.1 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.1 - Aimersoft)
AIMP (HKLM\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Aktualizácie NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Any DVD Converter Professional 4.0.3 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Apowersoft Online Launcher version 1.4.6 (HKLM\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Apowersoft Video Konvertor V4.5.9 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.9 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač V6.4.6 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
ASUS Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.02.000.60 - ASUS Communications)
ASUS nVidia Driver (HKLM\...\{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}) (Version: 1.00.0000 - ASUSTek) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.61.1065 - AB Team, d.o.o.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (HKLM\...\{9E0E1E3B-229C-4CF9-8A39-4455477327E4}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
C4600_NCL_Help (HKLM\...\{F39AB038-876C-4FAE-8D40-6A21632BF92D}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.0 Build R3009 - Hagel Technologies Ltd)
Etron USB3.0 Host Controller (HKLM\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.00 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest III (HKLM\...\{34AF0799-8123-41BA-885A-BDEB157607F9}) (Version: 1.0.0 - LeeGTs Games)
LightScribe System Software (HKLM\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaCoder 2011 (HKLM\...\MediaCoder) (Version: 2011 - Broad Intelligence)
MediaInfo 0.7.48 (HKLM\...\MediaInfo) (Version: 0.7.48 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Encarta World Atlas 1998 Edition (HKLM\...\Encarta Virtual Globe 3.0) (Version: - )
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 68.3.1 (x86 cs)) (Version: 68.3.1 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Suite (HKLM\...\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}) (Version: 3.7.22.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Opera 11.51 (HKLM\...\Opera 11.51.1087) (Version: 11.51.1087 - Opera Software ASA)
Ovládací panel NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Počítačový prístup k internetu Nokia (HKLM\...\{653A52D8-127C-476D-BAD9-27117A3A4959}) (Version: 2.0.1.3 - Nokia) Hidden
Počítačový prístup k internetu Nokia (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia)
PS_AIO_05_C4600_Software_Min (HKLM\...\{1CA3A991-B03D-4C92-9922-315E5434E87B}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
RogueKiller version 14.0.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.0.4.0 - Adlice Software)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verzia 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Status (HKLM\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander Ultima Prime 4.5.0.0 (HKLM\...\TC UP) (Version: 4.5.0.0 - ULTIMA PRIME)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
UmmyVideoDownloader (HKLM\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.2.4 - ) <==== ATTENTION
Uninstall DS Clock (HKLM\...\DS Clock_is1) (Version: 1.5 - Duality Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix (HKLM\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Video Fixer 3.23 (HKLM\...\Video Fixer 3.23_is1) (Version: - video-fixer Inc.)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader\Help\ђусский.lnk -> C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_rus.pdf () <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2012-12-21 15:29 - 2012-12-21 15:29 - 000110080 _____ () [File not signed] C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
2008-01-30 18:08 - 2008-01-30 18:08 - 000160256 _____ () [File not signed] C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll
2012-04-18 19:46 - 2011-03-02 11:40 - 000140288 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2016-12-29 22:14 - 2016-12-29 22:15 - 000798771 _____ () [File not signed] C:\ProgramData\LangSoft\WebIE.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000287744 _____ () [File not signed] C:\ProgramData\Synaptics\libeay32.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000063488 _____ () [File not signed] C:\ProgramData\Synaptics\ssleay32.dll
2019-09-23 07:23 - 2020-01-15 11:44 - 000015360 ___SH () [File not signed] C:\ProgramData\Synaptics\XSynaptics.dll
2015-08-13 16:13 - 2016-10-14 19:34 - 001317960 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files\AIMP3\System\aimp_menu32.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000064672 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthCopyHook.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000033440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BPP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000037024 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTBIP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000040096 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStore.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000036000 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStoreOpp.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtObexFt.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTOBEXOP.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000154784 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\goep.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_bpp.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_SINGLE.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000101536 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\L2capLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000879776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\RfcommLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000244384 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000068768 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Sync.dll
2013-03-24 03:04 - 2007-10-15 15:18 - 000395264 _____ (Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\sqlite3.dll
2009-11-18 03:42 - 2009-11-18 03:42 - 000253568 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000217728 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000137344 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000044544 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-12-21 15:30 - 2012-12-21 15:30 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2013-08-17 08:15 - 2013-08-17 08:15 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-08-17 08:16 - 2013-08-17 08:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-12-21 15:28 - 2012-12-21 15:28 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8 [230]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [148]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [324]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\VDownloader;C:\Program Files\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: D: =>
MSCONFIG\startupreg: DU Meter => C:\Program Files\DU Meter\DUMeter.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FE7AC9CF-3561-47A5-B99A-69042B495B0B}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D7A9353B-05AF-41BB-AEC5-24E5A30E4BC9}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{F388A335-B65D-4EB0-9F4E-867A81A8DEB5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F60AC1A0-B039-4980-A08A-FC770460757C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB4E05BA-042A-4CCE-985A-2842E3FD6740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1B9D84F-D9C4-4F69-B7A7-8123CB72A58F}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC115943-2074-4D67-86FD-304E973A8A07}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{077124A8-39E9-4C48-8F68-258E5426535D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01E3A908-8988-414D-8EFA-76B4264EEF93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41A4F2EE-D814-434F-8059-6EEFE13045E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF38C8D-71CE-41FE-8CC7-D3F53D63EEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5C6334B-DDA4-4EBB-B509-0C3D816A18A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E0A802B-A8DE-4DAB-BC8C-BDF2CF4E4A93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E9B6AD04-798C-4BA7-88B4-C0D397E9A1DF}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AA1B92BD-0FF8-4665-88C0-3C0AA70918D8}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{73ACB86A-9ACB-49D1-B939-813CC1D16D71}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{598C2D51-05EE-4313-AB37-D8A4FE4BD351}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE6E99D3-D187-4BEE-9211-1ECBA00A910C}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89DD17C6-9B3B-4FD2-922E-092D68856D3E}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{649C8FDF-A5D3-4B69-872E-79D05B54C656}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{39CC2FED-E291-4825-9D17-04FD47F52A69}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B565FEC6-4AA6-43CC-BDAD-4765CE2475B9}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{7746F667-6FC9-48F5-9DF3-96B8BE3FB5D6}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{D4BFA56F-42DD-4729-BC10-7F5D568A0415}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9834E6EE-D943-4C3F-9CD6-C5E22428B2BF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2913477A-8313-4412-AD83-EB90BE61B927}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FC95DE93-382E-401E-B9FA-CA5E3763026C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{7BB1B054-2824-446D-BB61-56609EB37AC1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9CA61943-BBAE-4F24-BD93-D07CD82E5626}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D416DD57-4189-4309-A68B-043B1EBC022C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{713C67D3-8693-4AA7-BB8A-46A238724BF3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{44BA0745-1436-49E9-8F46-E07661FD8C6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) [File not signed]
FirewallRules: [{A5A5FD06-C66B-479C-99FB-3C34745CB483}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B4549B05-C21C-45C1-88DA-2CC7C746D3FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68C9AE4C-A7AF-4990-A530-B0F3E2C70A02}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{50C54499-3900-4437-B5EF-F0DC696F7BEA}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{F5E00402-58D3-4984-BA38-A7262B7E42BE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{07E7C946-C6CD-4426-84E6-E45A85CFD3D4}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{05BB745C-4079-4C1E-BAA2-EF970F6B72C0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{B183860A-0B39-4E91-A072-E790550A4384}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{99526F96-7CEF-41F3-A3BB-3A070F596371}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{551B6C6C-542A-4C44-BE40-E9F34A859164}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{770CBAE4-EE3F-4386-A4FC-E50CA29E48FD}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1614519-6472-4369-82DD-332040705988}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC265BB4-0A03-4C18-AF94-584A889A38FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-01-2020 20:11:02 Installed DirectX
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:56:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:45:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:36:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/15/2020 11:07:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is WMI Objects. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (01/15/2020 11:06:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (01/15/2020 11:56:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:43:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:43:25 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 11:36:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:06:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
Error: (01/15/2020 11:05:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd
Error: (01/15/2020 11:05:03 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (01/15/2020 09:58:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba
==================== Memory info ===========================
BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 85%
Total physical RAM: 3069.24 MB
Available physical RAM: 445.08 MB
Total Virtual: 6136.77 MB
Available Virtual: 1913.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.42 GB) (Free:37.53 GB) NTFS
Drive d: () (Fixed) (Total:1289.74 GB) (Free:22.11 GB) NTFS
\\?\Volume{bacf6a23-897a-11e1-a07a-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 809EDEEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1289.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
PC je celkom slusne zavireny.