Dobrý den, prosím o kontrolu logu. Poslední dobou trvá strašně dlouho než je možno po startu počítač ovládat.Vkládám log rsit i FRST. Předem děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by ASRock at 2020-11-08 16:20:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 169 GB (55%) free of 305 GB
Total RAM: 3327 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:20:54, on 8.11.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe
C:\Program Files\DriverToolkit\DriverToolkit.exe
C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Program Files\McAfee\WebAdvisor\browserhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\ASRock\Downloads\RSIT.exe
C:\Program Files\trend micro\ASRock.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\GENIAT~1\TOTALT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [MTPW] "C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Remote Control Editor] "C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: Služba CCleaner Browser Update (ccleaner) (ccleaner) - Piriform Software - C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: CCleaner Browser Elevation Service (CCleanerBrowserElevationService) - Piriform Software - C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe
O23 - Service: Služba CCleaner Browser Update (ccleanerm) (ccleanerm) - Piriform Software - C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: EyeTV Netstream - Elgato Systems GmbH - C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Foxit Reader Update Service (FoxitReaderUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\86.0.4240.183\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MTAgentService - Unknown owner - C:\Program Files\MiniTool ShadowMaker\AgentService.exe
O23 - Service: MTSchedulerService - Unknown owner - C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: O&O Syspectr (SyspectrAgent) - O&O Software GmbH - C:\Program Files\OO Software\Syspectr\OOSysAgent.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WDFMEService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRulesService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
--
End of file - 10437 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\Google Software Updater.job - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
=========Mozilla firefox=========
ProfilePath - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.251.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.251.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3]
"Description"=CCleaner Browser
"Path"=C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9]
"Description"=CCleaner Browser
"Path"=C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=
C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\searchplugins\
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-16 480424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-10-30 1099008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-16 194728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{AD6E6555-FB2C-47D4-8339-3E2965509877} - TerraTec Home Cinema - C:\PROGRA~1\GENIAT~1\TOTALT~1\THCDES~1.DLL [2017-06-19 526336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-10-18 98408]
"MTPW"=C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [2020-02-19 175584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2020-10-23 26069176]
"Remote Control Editor"=C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe [2017-06-19 1836544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-09-06 1341008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-10-13 60688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
C:\Program Files\Ashampoo\Ashampoo Snap 4\ashsnap.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-07-26 2569616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\ASRock\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\ASRock\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe /autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Users\ASRock\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opera Browser Assistant]
C:\Program Files\Opera\assistant\browser_assistant.exe [2020-07-15 3105304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2020-03-12 646776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneupUI.exe]
C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-10-08 2137744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avast Cleanup Premium.lnk]
C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERHI~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk]
C:\Program Files\OpenOffice.org 3\program\quickstart.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sound Control.lnk]
C:\PROGRA~1\SOUNDC~1\SC.EXE [2002-04-13 695808]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files\Secunia\PSI\psi_tray.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\epmntdrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EuGdiDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-10-27 22:55:36 ----A---- C:\Windows\ntbtlog.txt
2020-10-20 23:41:35 ----D---- C:\ProgramData\SystemAcCrux
2020-10-20 23:41:27 ----A---- C:\Windows\system32\drivers\EUDCPEPM.sys
2020-10-20 23:41:25 ----A---- C:\Windows\system32\drivers\EUEDKEPM.sys
2020-10-20 23:41:05 ----A---- C:\Windows\system32\setupepmdrv.ini
2020-10-20 23:41:05 ----A---- C:\Windows\system32\setupempdrv03.exe
2020-10-20 23:41:05 ----A---- C:\Windows\system32\EuGdiDrv.sys
2020-10-20 23:41:05 ----A---- C:\Windows\system32\EPMVolFl.sys
2020-10-20 23:41:05 ----A---- C:\Windows\system32\drivers\EPMVolFl.sys
2020-10-20 23:41:04 ----A---- C:\Windows\system32\EuEpmGdi.dll
2020-10-20 23:41:04 ----A---- C:\Windows\system32\epmntdrv.sys
2020-10-20 23:41:04 ----A---- C:\Windows\system32\BootMan.exe
2020-10-20 23:40:42 ----D---- C:\Program Files\EaseUS
2020-10-18 09:04:00 ----A---- C:\Windows\system32\aswBoot.exe
2020-10-18 09:03:55 ----A---- C:\Windows\system32\drivers\aswStm.sys
2020-10-18 09:03:54 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
======List of files/folders modified in the last 1 month======
2020-11-08 16:20:53 ----D---- C:\Windows\Prefetch
2020-11-08 16:20:52 ----D---- C:\Program Files\trend micro
2020-11-08 16:19:39 ----D---- C:\Windows\Temp
2020-11-08 16:11:07 ----D---- C:\FRST
2020-11-08 16:00:24 ----D---- C:\Windows
2020-11-08 15:23:14 ----SHD---- C:\Windows\Installer
2020-11-08 11:32:57 ----D---- C:\Windows\system32\config
2020-11-08 10:59:19 ----D---- C:\Users\ASRock\AppData\Roaming\QtProject
2020-11-08 10:48:09 ----D---- C:\ProgramData\AVAST Software
2020-11-08 02:02:54 ----D---- C:\Windows\tracing
2020-11-06 19:05:28 ----D---- C:\Config.Msi
2020-11-06 19:04:03 ----D---- C:\Windows\System32
2020-11-05 21:20:52 ----D---- C:\Program Files\CCleaner Browser
2020-11-05 21:20:50 ----D---- C:\Windows\system32\Tasks
2020-11-03 21:57:02 ----D---- C:\Program Files\Opera
2020-10-31 22:59:53 ----SHD---- C:\System Volume Information
2020-10-31 00:34:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-10-31 00:34:22 ----D---- C:\Windows\inf
2020-10-21 23:20:16 ----D---- C:\Program Files\USB Disk Storage Format Tool
2020-10-20 23:41:35 ----HD---- C:\ProgramData
2020-10-20 23:41:27 ----D---- C:\Windows\system32\drivers
2020-10-20 23:40:42 ----D---- C:\Program Files
2020-10-19 21:47:16 ----D---- C:\Users\ASRock\AppData\Roaming\Skype
2020-10-19 21:46:57 ----D---- C:\ProgramData\Foxit Software
2020-10-18 09:06:59 ----D---- C:\Windows\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-10-18 35040]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-10-18 154696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-10-18 55888]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-10-18 72840]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-10-18 277960]
R0 EPMVolFl;EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [2020-07-07 17672]
R0 EUDCPEPM;EUDCPEPM; C:\Windows\system32\drivers\EUDCPEPM.sys [2020-07-07 66184]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2019-11-08 17160]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-10-18 175776]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-10-18 189520]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-10-18 40736]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2020-10-18 375192]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-10-18 94192]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-10-18 691064]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-10-18 396616]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-01 242240]
R1 EUEDKEPM;EUEDKEPM; \??\C:\Windows\system32\drivers\EUEDKEPM.sys [2020-07-07 21640]
R1 HWiNFO_150;HWiNFO Kernel Driver (v150); \??\C:\Windows\system32\drivers\HWiNFO32_150.SYS [2020-05-24 53152]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2020-01-28 52376]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-10-18 147712]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-10-18 163312]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 290304]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2020-04-15 36104]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2016-07-24 78848]
R3 CYDTV_SRV;cydtv Driver; C:\Windows\system32\drivers\cydtv.sys [2017-06-28 1203200]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2020-09-15 73984]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2016-07-24 169472]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-03-22 18944]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2009-11-11 30576]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-24 116184]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2016-12-19 575696]
S1 HWiNFO;HWiNFO Kernel Driver; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2019-04-19 52968]
S3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
S3 AVerA706;AVerMedia A706 BDA Service; C:\Windows\system32\DRIVERS\AVerA706.sys [2010-04-08 1223040]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2019-07-30 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2017-07-06 94208]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 396800]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 60416]
S3 epmntdrv;epmntdrv; C:\Windows\system32\epmntdrv.sys [2020-07-07 23688]
S3 EuGdiDrv;EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [2020-07-07 13832]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2011-03-19 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2011-03-19 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2011-03-19 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\k750mgmt.sys [2011-03-19 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2011-03-19 79488]
S3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_x86.sys [2013-12-06 16024]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2019-11-08 13064]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2016-09-09 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2019-04-19 51944]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2016-09-09 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2016-09-09 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-07-04 84752]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2019-04-19 52968]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2020-01-03 53248]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-09-06 169544]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 291840]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-10-18 332344]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2020-10-18 2511456]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EyeTV Netstream;EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [2013-04-15 400864]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2010-01-21 370792]
R2 FoxitReaderUpdateService;Foxit Reader Update Service; C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2020-07-08 1995184]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2020-10-30 729632]
R2 MTAgentService;MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [2020-08-30 676336]
R2 MTSchedulerService;MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [2020-08-30 204272]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2010-01-21 167528]
R2 RosettaStoneDaemon;RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 SyspectrAgent;O&O Syspectr; C:\Program Files\OO Software\Syspectr\OOSysAgent.exe [2020-09-18 310328]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2016-12-19 36496]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-10-18 7522208]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 ccleaner;Služba CCleaner Browser Update (ccleaner); C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-09-03 200928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-04 194104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-28 47960]
S3 CCleanerBrowserElevationService;CCleaner Browser Elevation Service; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [2020-11-02 1136920]
S3 ccleanerm;Služba CCleaner Browser Update (ccleanerm); C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-09-03 200928]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2019-09-26 1045256]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\86.0.4240.183\elevation_service.exe [2020-11-02 1123312]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2020-07-09 222928]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2018-02-08 7027568]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-20 1343400]
S3 WDDMService;WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [2011-08-01 263056]
S3 WDFMEService;WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-08-01 1592208]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;Adaptér naslouchání Net.Msmq; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-11-2017 (ATTENTION: ====> FRSTversion is 1082 days old and could be outdated)
Ran by ASRock (administrator) on ASROCK-PC (08-11-2020 16:09:44)
Running from C:\Users\ASRock\Desktop
Loaded Profiles: ASRock (Available Profiles: ASRock & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Piriform Software) C:\Program Files\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(GENIATECH INC.,LTD) C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe
(Megaify Software Co., Ltd.) C:\Program Files\DriverToolkit\DriverToolkit.exe
(Elgato Systems GmbH) C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
() C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(Google LLC) C:\Program Files\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
() C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(O&O Software GmbH) C:\Program Files\OO Software\Syspectr\OOSysAgent.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-18] (AVAST Software)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd)
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe [1836544 2017-06-19] (GENIATECH INC.,LTD)
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2020-10-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Winsock: Catalog9 19 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{E33BE343-EF5F-45B5-8D94-A4D01331B8FF}: [DhcpNameServer] 46.16.122.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-16] (Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-10-30] (McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-16] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\Geniatech\TotalTV Player\THCDeskBand.dll [2017-06-19] (GENIATECH INC.,LTD)
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: j9cebcfi.default
FF ProfilePath: Profiles/j9cebcfi.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default [2020-11-08]
FF user.js: detected! => C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\user.js [2016-07-24]
FF Homepage: Mozilla\Firefox\Profiles\j9cebcfi.default -> hxxps://www.seznam.cz/?clid=22668
FF Extension: (Dashlane) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jetpack-extension@dashlane.com.xpi [2020-06-16]
FF Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-05-23]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-11-15]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-06-16]
FF Extension: (Video DownloadHelper) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-05-23]
FF SearchPlugin: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\searchplugins\seznam-avast.xml [2015-03-16]
FF Extension: (DoH Roll-Out) - C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi [2020-07-09] [not signed]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2020-07-09] [not signed]
FF HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-04] (Google)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software)
FF Plugin: @videolan.org/vlc,version=1.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\ASRock\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-25] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-gemius.js [2016-07-16]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://centrum.cz/","hxxps://www.duolingo.com/","hxxps://app.mondly. ... x.php/live"
CHR Profile: C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default [2020-11-08]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2019-08-12]
CHR Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-07-05]
CHR Extension: (Dashlane - Password Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-11-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-10-31]
CHR Extension: (Duolingo Tweaks) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcankdajnfcbepbhjhfechmandhfplen [2015-12-06]
CHR Extension: (Duolingo Vocabulary Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmcjokbicehcaojghjmhfjnaooffcd [2015-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-10]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-18] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-18] (AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2511456 2020-10-18] (AVAST Software)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software)
R2 EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
R2 FoxitReaderUpdateService; C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (Foxit Software Inc.)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\86.0.4240.183\elevation_service.exe [1123312 2020-11-02] (Google LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [729632 2020-10-30] (McAfee, LLC)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [676336 2020-08-30] ()
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [204272 2020-08-30] ()
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
S3 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7027568 2018-02-08] (Reimage®)
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 SyspectrAgent; C:\Program Files\OO Software\Syspectr\OOSysAgent.exe [310328 2020-09-18] (O&O Software GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-12-19] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-18] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-18] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-18] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-18] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-18] (AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-18] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-18] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-18] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-18] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-18] (AVAST Software)
S3 AVerA706; C:\Windows\System32\DRIVERS\AVerA706.sys [1223040 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1203200 2017-06-28] ( )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [23688 2020-07-07] ()
R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [17672 2020-07-07] (Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [66184 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\Windows\system32\drivers\EUEDKEPM.sys [21640 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [13832 2020-07-07] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [52376 2020-01-28] (REALiX(tm))
R1 HWiNFO_150; C:\Windows\system32\drivers\HWiNFO32_150.SYS [53152 2020-05-24] (REALiX(tm))
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2011-03-19] (MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2011-03-19] (MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2011-03-19] (MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2011-03-19] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2011-03-19] (MCCI)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [73984 2020-09-15] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [169472 2016-07-24] (Renesas Electronics Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2019-11-08] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2019-11-08] ()
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-12-19] (VIA Technologies, Inc.)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-08 16:07 - 2020-11-08 16:08 - 000060069 _____ C:\Users\ASRock\Desktop\Addition.txt
2020-11-08 16:01 - 2020-11-08 16:10 - 000027277 _____ C:\Users\ASRock\Desktop\FRST.txt
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (6).pdf
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (5).pdf
2020-11-07 22:13 - 2020-11-07 22:13 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Foxit
2020-11-02 21:06 - 2020-11-02 21:06 - 000000000 ____D C:\Users\ASRock\Downloads\Simca
2020-11-02 20:56 - 2020-11-02 20:59 - 406931777 _____ C:\Users\ASRock\Downloads\Simca.zip
2020-10-27 22:55 - 2020-11-08 10:46 - 000223096 _____ C:\Windows\ntbtlog.txt
2020-10-26 20:33 - 2020-10-26 20:34 - 000007664 _____ C:\Users\ASRock\Documents\cc_20201026_203352.reg
2020-10-26 20:23 - 2020-10-26 20:24 - 029853224 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup573.exe
2020-10-21 23:09 - 2020-10-21 23:09 - 000570586 _____ (Authorsoft Corporation ) C:\Users\ASRock\Downloads\USBFormatToolSetup (1).exe
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\Users\Public\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 14.5
2020-10-20 23:41 - 2020-07-07 14:14 - 000149128 _____ C:\Windows\system32\setupempdrv03.exe
2020-10-20 23:41 - 2020-07-07 14:14 - 000023688 _____ C:\Windows\system32\epmntdrv.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000013832 _____ C:\Windows\system32\EuGdiDrv.sys
2020-10-20 23:41 - 2020-07-07 14:12 - 003734664 _____ C:\Windows\system32\BootMan.exe
2020-10-20 23:41 - 2020-07-07 14:12 - 000024712 _____ C:\Windows\system32\EuEpmGdi.dll
2020-10-20 23:41 - 2020-07-07 14:11 - 000066184 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-10-20 23:41 - 2020-07-07 14:11 - 000021640 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-10-20 23:41 - 2020-02-23 13:49 - 000000057 _____ C:\Windows\system32\setupepmdrv.ini
2020-10-20 23:40 - 2020-10-20 23:40 - 047169616 _____ (EaseUS ) C:\Users\ASRock\Downloads\epm_free_easeus.exe
2020-10-20 23:40 - 2020-10-20 23:40 - 000000000 ____D C:\Program Files\EaseUS
2020-10-20 23:39 - 2020-10-20 23:39 - 001710608 _____ C:\Users\ASRock\Downloads\epm_free_installer.exe
2020-10-20 23:06 - 2020-10-20 23:06 - 000226437 _____ C:\Users\ASRock\Downloads\Stepankovi_2.pdf.zip
2020-10-20 00:30 - 2020-10-20 00:30 - 000080038 _____ C:\Users\ASRock\Downloads\kupon.pdf
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-10-18 09:04 - 2020-10-18 09:03 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-18 09:03 - 2020-10-18 09:03 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-18 09:03 - 2020-10-18 09:03 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-17 22:19 - 2020-10-17 22:19 - 000000000 ____D C:\Users\ASRock\Downloads\Honza_Kozel.pdf
2020-10-17 22:16 - 2020-10-17 22:17 - 000206693 _____ C:\Users\ASRock\Downloads\Honza_Kozel.pdf.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-08 16:09 - 2017-11-23 10:39 - 000000000 ____D C:\FRST
2020-11-08 15:59 - 2016-09-09 22:25 - 000000000 ____D C:\Users\ASRock\AppData\Local\AVAST Software
2020-11-08 12:19 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-08 12:19 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-08 12:13 - 2020-09-04 19:04 - 000000348 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2020-11-08 12:13 - 2015-05-16 22:51 - 000000924 _____ C:\Windows\Tasks\Google Software Updater.job
2020-11-08 10:59 - 2020-10-01 23:34 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\QtProject
2020-11-08 10:48 - 2011-03-07 17:49 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-08 10:32 - 2016-05-31 15:13 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-11-08 10:32 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-08 02:02 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\tracing
2020-11-06 19:04 - 2020-05-29 14:30 - 000001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:37 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-04 23:42 - 2014-02-22 21:06 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-03 21:57 - 2017-06-05 17:06 - 000000000 ____D C:\Program Files\Opera
2020-11-03 00:09 - 2013-08-16 20:00 - 000000000 ____D C:\Users\ASRock\Desktop\Pro Honzíka
2020-10-31 00:34 - 2011-03-07 17:09 - 001704428 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 00:34 - 2009-07-14 09:44 - 000713412 _____ C:\Windows\system32\perfh005.dat
2020-10-31 00:34 - 2009-07-14 09:44 - 000158440 _____ C:\Windows\system32\perfc005.dat
2020-10-31 00:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-26 20:34 - 2014-10-19 21:29 - 000796160 ___SH C:\Users\ASRock\Desktop\Thumbs.db
2020-10-26 20:26 - 2011-03-21 00:23 - 000000934 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000001099 _____ C:\Users\ASRock\Desktop\USB Disk Storage Format Tool.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000000063 _____ C:\Users\ASRock\Desktop\Create Bootable USB.url
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.3
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\Program Files\USB Disk Storage Format Tool
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\Users\Public\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-19 21:47 - 2012-05-06 17:59 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Skype
2020-10-19 21:46 - 2016-08-25 21:41 - 000000000 ____D C:\ProgramData\Foxit Software
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2020-10-18 09:19 - 2020-04-15 18:34 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-18 09:06 - 2011-03-26 10:56 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-18 09:03 - 2019-01-08 23:14 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-18 09:03 - 2019-01-08 23:14 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-18 09:03 - 2018-11-15 20:43 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-18 09:03 - 2012-03-14 14:35 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-18 09:03 - 2011-03-07 17:50 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-18 09:02 - 2019-01-14 20:32 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-18 09:02 - 2019-01-08 23:14 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-10-18 09:02 - 2018-01-10 20:27 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-18 09:02 - 2011-03-07 17:50 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-15 23:41 - 2014-05-29 10:05 - 000000000 ____D C:\Users\ASRock\Desktop\SonEric_28_5_2014
2020-10-14 22:38 - 2013-02-14 17:37 - 000000000 ____D C:\Users\ASRock\Desktop\RECEPTY
==================== Files in the root of some directories =======
2013-09-19 16:58 - 2013-09-19 16:58 - 000000000 _____ () C:\Users\ASRock\AppData\Roaming\pdfperformer
2015-01-05 14:23 - 2015-01-05 14:25 - 000011264 ___SH () C:\Users\ASRock\AppData\Roaming\Thumbs.db
2011-06-23 17:32 - 2016-06-06 22:30 - 000006144 _____ () C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-23 19:04 - 2018-06-23 19:04 - 000000001 _____ () C:\Users\ASRock\AppData\Local\llftool.4.40.agreement
2016-01-16 15:19 - 2016-01-16 15:19 - 000003977 _____ () C:\Users\ASRock\AppData\Local\recently-used.xbel
2011-09-05 13:04 - 2012-04-11 23:24 - 000007605 _____ () C:\Users\ASRock\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2020-11-05 21:39
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu- zpomalený PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Zdravím!
Dejte nové logy FRST+Addition z nově stažené utility. Tato je již po expiraci:
Dejte nové logy FRST+Addition z nově stažené utility. Tato je již po expiraci:
ATTENTION: ====> FRSTversion is 1082 days old and could be outdated
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re: Kontrola logu- zpomalený PC
Tady jsou ty logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2020
Ran by ASRock (administrator) on ASROCK-PC (08-11-2020 21:43:16)
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Megaify Software Co.,Ltd. -> Megaify Software Co., Ltd.) C:\Program Files\DriverToolkit\DriverToolkit.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Syspectr\OOSysAgent.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Rosetta Stone Ltd -> Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psia.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe [1836544 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\...\Windows NT x86\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9Z.DLL [27648 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [272384 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\WSPDFelementMonitor.dll [96968 2017-04-11] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\86.1.6738.114\Installer\chrmstp.exe [2020-11-05] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2020-10-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia -> Secunia)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {072430D6-05BC-4A7F-8B9A-FECBE95662F7} - System32\Tasks\AdobeAAMUpdater-1.0-ASRock-PC-ASRock => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {326A97A1-51E1-4F74-876C-F15C628233F2} - System32\Tasks\Opera scheduled assistant Autoupdate 1582743760 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {371AE9B0-6E59-4547-928F-46D9A6B19BCC} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {3E78145F-6DD9-423E-B7BD-865B8159E683} - System32\Tasks\{91AF20EF-5AF8-4584-8A07-C7C852D86E4F} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\HijackThis.exe -d C:\Users\ASRock\Downloads
Task: {4E2BB29B-171D-4DC7-AE0A-80AD2AD5C537} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
Task: {4EBE5834-C010-4144-9882-E371F8043EC1} - System32\Tasks\Driver Booster SkipUAC (ASRock) => C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5EDC88C4-5E63-4220-92E7-54561F4AC3E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3918440 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
Task: {5F21BFAB-CF74-435E-B7F4-E91BE44E6F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1499240 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {606638E0-228E-4194-AD0A-E65FD8EE66BD} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {6570D0A1-C3E1-4261-8F08-C3C61492279D} - System32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {7679513E-97E8-45E2-97BE-A203121D32C3} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
Task: {799A0D78-2F92-4FCA-86DE-3C0BCF313D80} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {7CA2B169-6A25-4CE3-83D3-2922AE05566B} - System32\Tasks\Google Updater and Installer => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {9818DF56-8865-43F9-91B3-A23976B9A90F} - System32\Tasks\pcupdater_UPDATES => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {999253F8-7BA1-49B9-96B7-5C75E0B49034} - System32\Tasks\Uninstaller_SkipUac_ASRock => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9EFE0CCA-43C6-4905-95C8-20391AB46793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {A3DFC65D-04D5-48EB-9DD8-34A325E8571E} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe [1304040 2015-07-01] (Megaify Software Co.,Ltd. -> Megaify Software Co., Ltd.)
Task: {A5391D08-DB7B-4F92-B137-F6410C1FE499} - System32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {A6E342A7-34E3-420E-9F83-C72B068F907F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000UA => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {AD466674-F486-4C06-8B9A-705C3E6DE535} - System32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\OnLineRecovery_JF620_v9.0.0.28.exe -d C:\Users\ASRock\Downloads
Task: {B02C6B18-6B19-47F5-BB6F-88AF561302D2} - System32\Tasks\MiniTool Shadow Maker => C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe [1027056 2020-08-30] (MiniTool Software Limited -> )
Task: {CCCDC791-06DA-4B93-B256-AB7993955449} - System32\Tasks\Opera scheduled Autoupdate 1496678798 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software)
Task: {CD4DF41D-2236-46F9-99FB-952499E44145} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7027568 2018-02-08] (Reimage Limited -> Reimage®) <==== ATTENTION
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {D51623D4-8DAD-4E68-B832-9C0C5878B77C} - System32\Tasks\ASC10_SkipUac_ASRock => C:\Program Files\IObit\Advanced SystemCare\ASC.exe
Task: {DB3B9057-5496-4400-923D-0BB66E01678D} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E4604FC4-C7E4-405D-AFE0-F0EB1E4B4B42} - System32\Tasks\pcupdaterRunAtStartup => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: {EABEF607-18D2-4BD1-930A-F7893C0B58F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F2B5AF81-2F58-41CE-9560-A71A32D5B48D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FF8FC8BA-12CD-4E89-8D3B-8EFAB2B00272} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 19 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{E33BE343-EF5F-45B5-8D94-A4D01331B8FF}: [DhcpNameServer] 46.16.122.2
FireFox:
========
FF DefaultProfile: j9cebcfi.default
FF ProfilePath: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default [2020-11-08]
FF user.js: detected! => C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\user.js [2016-07-24]
FF Homepage: Mozilla\Firefox\Profiles\j9cebcfi.default -> hxxps://www.seznam.cz/?clid=22668
FF Extension: (Dashlane) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jetpack-extension@dashlane.com.xpi [2020-11-08] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-05-23] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-11-15]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-11-08]
FF Extension: (Video DownloadHelper) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-05-23]
FF SearchPlugin: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\searchplugins\seznam-avast.xml [2015-03-16]
FF HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-04] (Google Inc -> Google)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=1.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\ASRock\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-gemius.js [2016-07-16]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default [2020-11-08]
CHR Notifications: Default -> hxxps://app.mondly.com; hxxps://cs.duolingo.com; hxxps://jak-vydelat-penize.pushresponse.net; hxxps://james.darpinian.com; hxxps://novaplus.nova.cz; hxxps://www.chip.cz; hxxps://www.easeus.com; hxxps://www.esky.cz; hxxps://zpravy.aktualne.cz
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://centrum.cz/","hxxps://www.duolingo.com/","hxxps://app.mondly. ... x.php/live"
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2019-08-12]
CHR Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-07-05]
CHR Extension: (Dashlane - Password Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-11-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-10-31]
CHR Extension: (Duolingo Tweaks) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcankdajnfcbepbhjhfechmandhfplen [2015-12-06]
CHR Extension: (Duolingo Vocabulary Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmcjokbicehcaojghjmhfjnaooffcd [2015-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-10]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [217088 2012-11-16] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2511456 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
R2 EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
R2 FoxitReaderUpdateService; C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [729632 2020-10-30] (McAfee, LLC -> McAfee, LLC)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [676336 2020-08-30] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [204272 2020-08-30] (MiniTool Software Limited -> )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
S3 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7027568 2018-02-08] (Reimage Limited -> Reimage®)
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia -> Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SyspectrAgent; C:\Program Files\OO Software\Syspectr\OOSysAgent.exe [310328 2020-09-18] (O&O Software GmbH -> O&O Software GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [263056 2011-08-01] (Western Digital Technologies, Inc. -> WDC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [290304 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [78848 2016-07-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AVerA706; C:\Windows\System32\DRIVERS\AVerA706.sys [1223040 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1203200 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd -> DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [23688 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [17672 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [66184 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\Windows\system32\drivers\EUEDKEPM.sys [21640 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [13832 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [52376 2020-01-28] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\Windows\system32\drivers\HWiNFO32_150.SYS [53152 2020-05-24] (Martin Malik - REALiX -> REALiX(tm))
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [73984 2020-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [169472 2016-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [18944 2010-03-22] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia -> Secunia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2011-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
Error(1) reading file: "C:\Users\ASRock\Downloads\VideoDownloadConvertCrxSetup.12C08EE7-9AD5-4867-88BB-F1C671A8C0D5.exe"
2020-11-08 21:43 - 2020-11-08 21:48 - 000037803 _____ C:\Users\ASRock\Downloads\FRST.txt
2020-11-08 21:30 - 2020-11-08 21:32 - 002012672 _____ (Farbar) C:\Users\ASRock\Downloads\FRST.exe
2020-11-08 21:13 - 2020-11-08 21:13 - 000053473 _____ C:\Users\ASRock\Downloads\Vypis_z_uctu-2401825416_20201001-20201031_cislo-5.pdf
2020-11-08 16:20 - 2020-11-08 16:20 - 001107968 _____ C:\Users\ASRock\Downloads\RSIT.exe
2020-11-08 16:07 - 2020-11-08 16:11 - 000060069 _____ C:\Users\ASRock\Desktop\Addition.txt
2020-11-08 16:01 - 2020-11-08 16:11 - 000038024 _____ C:\Users\ASRock\Desktop\FRST.txt
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (6).pdf
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (5).pdf
2020-11-07 22:13 - 2020-11-07 22:13 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Foxit
2020-11-02 21:06 - 2020-11-02 21:06 - 000000000 ____D C:\Users\ASRock\Downloads\Simca
2020-11-02 20:56 - 2020-11-02 20:59 - 406931777 _____ C:\Users\ASRock\Downloads\Simca.zip
2020-10-27 22:55 - 2020-11-08 21:14 - 000223766 _____ C:\Windows\ntbtlog.txt
2020-10-26 20:33 - 2020-10-26 20:34 - 000007664 _____ C:\Users\ASRock\Documents\cc_20201026_203352.reg
2020-10-26 20:23 - 2020-10-26 20:24 - 029853224 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup573.exe
2020-10-21 23:09 - 2020-10-21 23:09 - 000570586 _____ (Authorsoft Corporation ) C:\Users\ASRock\Downloads\USBFormatToolSetup (1).exe
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\Users\Public\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\ProgramData\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 14.5
2020-10-20 23:41 - 2020-07-07 14:14 - 000149128 _____ C:\Windows\system32\setupempdrv03.exe
2020-10-20 23:41 - 2020-07-07 14:14 - 000023688 _____ C:\Windows\system32\epmntdrv.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000013832 _____ C:\Windows\system32\EuGdiDrv.sys
2020-10-20 23:41 - 2020-07-07 14:12 - 003734664 _____ C:\Windows\system32\BootMan.exe
2020-10-20 23:41 - 2020-07-07 14:12 - 000024712 _____ C:\Windows\system32\EuEpmGdi.dll
2020-10-20 23:41 - 2020-07-07 14:11 - 000066184 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-10-20 23:41 - 2020-07-07 14:11 - 000021640 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-10-20 23:41 - 2020-02-23 13:49 - 000000057 _____ C:\Windows\system32\setupepmdrv.ini
2020-10-20 23:40 - 2020-10-20 23:40 - 047169616 _____ (EaseUS ) C:\Users\ASRock\Downloads\epm_free_easeus.exe
2020-10-20 23:40 - 2020-10-20 23:40 - 000000000 ____D C:\Program Files\EaseUS
2020-10-20 23:39 - 2020-10-20 23:39 - 001710608 _____ C:\Users\ASRock\Downloads\epm_free_installer.exe
2020-10-20 23:06 - 2020-10-20 23:06 - 000226437 _____ C:\Users\ASRock\Downloads\Stepankovi_2.pdf.zip
2020-10-20 00:30 - 2020-10-20 00:30 - 000080038 _____ C:\Users\ASRock\Downloads\kupon.pdf
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\ProgramData\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-10-18 09:04 - 2020-10-18 09:03 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-18 09:03 - 2020-10-18 09:03 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-18 09:03 - 2020-10-18 09:03 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-17 22:19 - 2020-10-17 22:19 - 000000000 ____D C:\Users\ASRock\Downloads\Honza_Kozel.pdf
2020-10-17 22:16 - 2020-10-17 22:17 - 000206693 _____ C:\Users\ASRock\Downloads\Honza_Kozel.pdf.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-08 21:46 - 2017-11-23 10:39 - 000000000 ____D C:\FRST
2020-11-08 21:27 - 2016-09-09 22:25 - 000000000 ____D C:\Users\ASRock\AppData\Local\AVAST Software
2020-11-08 20:12 - 2013-08-16 20:00 - 000000000 ____D C:\Users\ASRock\Desktop\Pro Honzíka
2020-11-08 19:34 - 2020-07-09 21:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-08 19:33 - 2017-04-03 08:47 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Mozilla
2020-11-08 16:20 - 2013-04-24 19:25 - 000000000 ____D C:\Program Files\trend micro
2020-11-08 12:19 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-08 12:19 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-08 12:13 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
2020-11-08 12:13 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
2020-11-08 12:13 - 2020-10-01 23:33 - 000002998 _____ C:\Windows\system32\Tasks\MiniTool Shadow Maker
2020-11-08 12:13 - 2020-10-01 23:32 - 000003184 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2020-11-08 12:13 - 2020-09-18 19:34 - 000003176 _____ C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
2020-11-08 12:13 - 2020-09-04 19:04 - 000002708 _____ C:\Windows\system32\Tasks\DriverToolkit Autorun
2020-11-08 12:13 - 2020-09-04 19:04 - 000000348 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2020-11-08 12:13 - 2020-07-06 21:32 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-08 12:13 - 2019-07-18 11:39 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-11-08 12:13 - 2019-07-18 11:38 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-11-08 12:13 - 2019-07-18 11:37 - 000003426 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-11-08 12:13 - 2019-07-18 11:37 - 000003298 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-11-08 12:13 - 2018-08-20 11:40 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-08 12:13 - 2017-11-22 18:06 - 000003836 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1496678798
2020-11-08 12:13 - 2017-11-09 00:06 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-08 12:13 - 2015-12-03 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-11-08 12:13 - 2015-05-16 22:51 - 000000924 _____ C:\Windows\Tasks\Google Software Updater.job
2020-11-08 12:13 - 2011-08-18 02:09 - 000003586 _____ C:\Windows\system32\Tasks\Google Software Updater
2020-11-08 12:13 - 2011-08-18 02:09 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-08 12:13 - 2011-08-18 02:09 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-08 10:59 - 2020-10-01 23:34 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\QtProject
2020-11-08 10:48 - 2011-03-07 17:49 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-08 10:36 - 2017-03-13 21:54 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-08 10:32 - 2016-05-31 15:13 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-11-08 10:32 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-08 02:02 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\tracing
2020-11-06 19:04 - 2020-05-29 14:30 - 000001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:37 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-04 23:42 - 2014-02-22 21:06 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-03 21:57 - 2017-06-05 17:06 - 000000000 ____D C:\Program Files\Opera
2020-10-31 00:34 - 2011-03-07 17:09 - 001704428 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 00:34 - 2009-07-14 09:44 - 000713412 _____ C:\Windows\system32\perfh005.dat
2020-10-31 00:34 - 2009-07-14 09:44 - 000158440 _____ C:\Windows\system32\perfc005.dat
2020-10-31 00:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-26 20:34 - 2014-10-19 21:29 - 000796160 ___SH C:\Users\ASRock\Desktop\Thumbs.db
2020-10-26 20:26 - 2011-03-21 00:23 - 000000934 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-10-26 20:26 - 2011-03-21 00:23 - 000000934 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000001099 _____ C:\Users\ASRock\Desktop\USB Disk Storage Format Tool.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000000063 _____ C:\Users\ASRock\Desktop\Create Bootable USB.url
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.3
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\Program Files\USB Disk Storage Format Tool
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\Users\Public\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\ProgramData\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-19 21:47 - 2012-05-06 17:59 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Skype
2020-10-19 21:46 - 2016-08-25 21:41 - 000000000 ____D C:\ProgramData\Foxit Software
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\ProgramData\Documents\pre_fileassoc.tmp
2020-10-18 09:19 - 2020-04-15 18:34 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-18 09:06 - 2011-03-26 10:56 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-18 09:03 - 2019-01-08 23:14 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-18 09:03 - 2019-01-08 23:14 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-18 09:03 - 2018-11-15 20:43 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-18 09:03 - 2012-03-14 14:35 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-18 09:03 - 2011-03-07 17:50 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-18 09:02 - 2019-01-14 20:32 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-18 09:02 - 2019-01-08 23:14 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-10-18 09:02 - 2018-01-10 20:27 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-18 09:02 - 2011-03-07 17:50 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-15 23:41 - 2014-05-29 10:05 - 000000000 ____D C:\Users\ASRock\Desktop\SonEric_28_5_2014
2020-10-14 22:38 - 2013-02-14 17:37 - 000000000 ____D C:\Users\ASRock\Desktop\RECEPTY
==================== Files in the root of some directories ========
2013-09-19 16:58 - 2013-09-19 16:58 - 000000000 _____ () C:\Users\ASRock\AppData\Roaming\pdfperformer
2015-01-05 14:23 - 2015-01-05 14:25 - 000011264 ___SH () C:\Users\ASRock\AppData\Roaming\Thumbs.db
2011-06-23 17:32 - 2016-06-06 22:30 - 000006144 _____ () C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-23 19:04 - 2018-06-23 19:04 - 000000001 _____ () C:\Users\ASRock\AppData\Local\llftool.4.40.agreement
2016-01-16 15:19 - 2016-01-16 15:19 - 000003977 _____ () C:\Users\ASRock\AppData\Local\recently-used.xbel
2011-09-05 13:04 - 2012-04-11 23:24 - 000007605 _____ () C:\Users\ASRock\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-05 21:39
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2020
Ran by ASRock (08-11-2020 21:56:42)
Running from C:\Users\ASRock\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-03-07 15:57:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2661226761-2934294044-4021329715-500 - Administrator - Disabled)
ASRock (S-1-5-21-2661226761-2934294044-4021329715-1000 - Administrator - Enabled) => C:\Users\ASRock
Guest (S-1-5-21-2661226761-2934294044-4021329715-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2661226761-2934294044-4021329715-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (HKLM\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
AbiWord 2.8.6 (HKLM\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM\...\{0CAE2FF0-AFC9-733D-EC3C-04BCB6B3C06F}) (Version: 2.0.4251.33734 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CalcRC 2.5 verze 2.5 (HKLM\...\{A50CCD4D-7B79-47D9-B6B8-415E4D9A1E9C}}_is1) (Version: 2.5 - Tomecek)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.73 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 86.1.6738.114 - Autoři prohlížeče CCleaner Browser)
CSE HTML Validator Standard v12.03 (HKLM\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Driver Install 32bit (HKLM\...\{98ECAF17-9201-4E2D-B689-4F277C12FB17}) (Version: 1.32.1748.0 - Shenzhen Geniatech Inc.,Ltd)
DriverIdentifier 5.1 (HKLM\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
DriverToolkit version 8.5.0.0 (HKLM\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software)
EaseUS Partition Master 14.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EyeTV Netstream for Windows Media Center (HKLM\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
FastStone Image Viewer 4.2 (HKLM\...\FastStone Image Viewer) (Version: 4.2 - FastStone Soft)
File Identifier (HKLM\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.10 - Sharpened Productions)
File Viewer Plus (HKLM\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.0.0 - Sharpened Productions)
Firehand Ember (HKLM\...\Firehand Ember) (Version: - )
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - )
GeoShow3D Lite (HKLM\...\GeoShow3D Lite) (Version: - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Goniometrické funkce (HKLM\...\Goniometrické funkce) (Version: - )
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 86.0.4240.183 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
Hard Disk Low Level Format Tool 4.40 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.50 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
Hetman Partition Recovery 2.2 (HKLM\...\Hetman Partition Recovery) (Version: - )
HWiNFO32 Version 6.26 (HKLM\...\HWiNFO32_is1) (Version: 6.26 - Martin Malik - REALiX)
Icecream Screen Recorder version 1.37 (HKLM\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 1.37 - Icecream Apps)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 251 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\jdownloader09) (Version: 0.9 - AppWork GmbH)
KiCad 2013.03.04 (HKLM\...\KiCad) (Version: 2013.03.04 - )
Ladicka (HKLM\...\Ladicka) (Version: - )
Media Go (HKLM\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.109.05220 (HKLM\...\{B48AA269-C017-875E-AE23-CE1DCEE07626}) (Version: 2.20.109.05220 - Sony)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MiniTool Partition Wizard verze 1.5 (HKLM\...\MiniTool Partition Wizard_is1) (Version: 1.5 - )
MiniTool ShadowMaker PW Edition (HKLM\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.5 - MiniTool Software Limited)
Minus Desktop Tool 1.7 (HKLM\...\Minus_is1) (Version: 1.7 - Minus Inc.)
Mozilla Firefox 78.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 78.0.2 (x86 en-US)) (Version: 78.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2.7494 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
Nero 7 Essentials (HKLM\...\{9B4E6CB9-E54D-47F7-A414-E2D5740E1029}) (Version: 7.02.8507 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
O&O Syspectr (HKLM\...\{CE8921E4-D3AC-43A6-BD3D-356546A076D7}) (Version: 0.200.46 - O&O Software GmbH)
OpenOffice 4.1.7 (HKLM\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
OpenWith.org 1.0.3 (HKLM\...\{B52F8C4B-FE88-4B59-9B80-1C93669D7DEB}_is1) (Version: - OpenWith.org)
Opera Stable 37.0.2178.32 (HKU\.DEFAULT\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software)
Opera Stable 72.0.3815.186 (HKLM\...\Opera 72.0.3815.186) (Version: 72.0.3815.186 - Opera Software)
Paragon Partition Manager™ 2013 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCLab (HKLM\...\PCLab) (Version: - )
PDF Editor 5 (HKLM\...\PDF Editor 5) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
ProfiCAD (HKLM\...\ProfiCAD_is1) (Version: - )
Psaní všemi deseti 1.5 (HKLM\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
RadarSync PC Updater 2012 (HKLM\...\RadarSync PC Updater 2012_is1) (Version: 4.1.0.14931 - RadarSync Ltd)
rajče průvodce verze 1.59.45.260 (HKLM\...\rajče.net_is1) (Version: - rajče.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MP550 series (HKLM\...\Registrace uživatele zařízení Canon MP550 series) (Version: - )
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scope (HKLM\...\{59E13EA0-9604-47DF-BEB7-3651E6E09221}) (Version: 1.22.0 - Zeitnitz)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SequoiaView (HKLM\...\SequoiaView) (Version: - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Seznam Software (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype verze 8.65 (HKLM\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Smart Switch (HKLM\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19091.5 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19091.5 - Samsung Electronics Co., Ltd.)
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Control v2.15 (HKLM\...\Sound Control_is1) (Version: - Really Effective)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TotalDocConverter (HKLM\...\Total Doc Converter_is1) (Version: - Softplicity, Inc.)
TotalTV Player (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Unity Web Player (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Universal Viewer (HKLM\...\Universal Viewer) (Version: - UVViewSoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
USB Flash Drive Format Tool 1.0 (HKLM\...\USB Flash Drive Format Tool_is1) (Version: - Rogosoft Corporation)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VideoMate T, M, P, S Series Driver (HKLM\...\{41E340F0-0BD6-4A87-AF29-E9E584471756}) (Version: 1.39.100 - )
Visual Analyser 2011 (HKLM\...\{BE2F9F39-9512-4DFD-A412-0355A2FE66D3}) (Version: 14.0.0.19 - Alfredo Accattatis)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
WebAdvisor od společnosti McAfee (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.163 - McAfee, LLC)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.2.2) (HKLM\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.2.2.2615 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 7.5.3) (HKLM\...\{77078E40-A92E-47FD-A0F6-168A4BF6CF3A}_is1) (Version: 7.5.3.4801 - Wondershare Software Co.,Ltd.)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
Xml Viewer (HKLM\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Context 4 Lite (HKLM\...\{B55C39AA-34DB-11D5-A3A9-004F4E01877A}) (Version: 4.0.0.0 - Zoner software, s.r.o.)
Zoom (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7B0EFEE5-076F-A2E3-8F15-9DDAC7CC61C3}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [OpenWith.org] -> {1569D0D3-1127-48A2-A4BC-958553F472C5} => C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll [2009-03-13] (OpenWith.org) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x86.dll [2020-04-16] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Program Files\TotalDocConverter\axTotalConverter.dll [2006-11-30] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers2: [Hetman Partition Recovery] -> {66953641-5DA9-4A81-82E8-2727300BBD29} => C:\Program Files\Hetman Software\Hetman Partition Recovery 2.2\Resources\DiskMenu.dll [2014-11-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2013-04-15 09:06 - 2013-04-15 09:06 - 000032768 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 09:06 - 2013-04-15 09:06 - 000014848 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000085504 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\coresync.dll
2020-10-01 23:32 - 2019-08-15 04:52 - 000064000 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\SMTPEmail.dll
2011-10-14 10:21 - 2006-11-30 15:03 - 000434688 _____ () [File not signed] C:\Program Files\TotalDocConverter\axTotalConverter.dll
2010-11-02 07:33 - 2010-11-02 07:33 - 000886272 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
2011-08-01 06:34 - 2011-08-01 06:34 - 000064000 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
2011-06-02 11:23 - 2010-04-24 04:00 - 000272384 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM9Z.DLL
2011-03-19 15:27 - 2010-04-24 05:00 - 000560640 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMDR9Z.DLL
2011-03-19 15:27 - 2010-04-24 05:00 - 002721280 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMUI9Z.DLL
2011-03-19 15:28 - 2010-04-24 05:00 - 000027648 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\CNMPD9Z.DLL
2020-10-01 23:32 - 2020-08-29 04:47 - 000150016 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000055808 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll
2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2003-03-19 07:14 - 2003-03-19 07:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
2003-02-21 15:42 - 2003-02-21 15:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
2003-03-19 07:20 - 2003-03-19 07:20 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2011-12-14 21:38 - 2011-12-14 21:38 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\MSVCP140.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\ucrtbase.DLL
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\VCRUNTIME140.dll
2020-10-01 23:32 - 2013-09-20 10:21 - 000067072 _____ (NT KERNEL RESOURCES LAB.) [File not signed] C:\Program Files\MiniTool ShadowMaker\vdskapi.dll
2012-01-03 14:07 - 2009-03-13 16:36 - 000026112 _____ (OpenWith.org) [File not signed] C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll
2020-09-23 21:48 - 2020-09-23 21:48 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\OO Software\Syspectr\SQLite.Interop.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000689664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 001228288 _____ (TODO: <Company name>) [File not signed] C:\Program Files\MiniTool ShadowMaker\core7z.dll
2020-09-23 21:49 - 2020-07-22 14:11 - 002122240 _____ (TODO: <Company name>) [File not signed] C:\Program Files\OO Software\Syspectr\Modules\8648d6ec-91ba-46f4-a6f4-2c2c58d88daf\CDI-Lib-Win32.dat
2011-08-01 09:07 - 2011-08-01 09:07 - 000329728 _____ (Western Digital) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-10-30] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\Geniatech\TotalTV Player\THCDeskBand.dll [2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Skype Technologies SA -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2019-01-04 20:22 - 000000068 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ASRock\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 46.16.122.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avast Cleanup Premium.lnk => C:\Windows\pss\Avast Cleanup Premium.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sound Control.lnk => C:\Windows\pss\Sound Control.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 4\ashsnap.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\ASRock\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\ASRock\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ASRock\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NeroFilterCheck =>
MSCONFIG\startupreg: Opera Browser Assistant => C:\Program Files\Opera\assistant\browser_assistant.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TuneupUI.exe => "C:\Program Files\Avast Software\Cleanup\TuneupUI.exe" /nogui
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{60DF021B-9A80-4628-95ED-BEC6B27D1B21}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BCE470F4-3112-40D4-83FA-0E36EB48420A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{93B6E010-6A25-4F30-B398-F3EC5D0DD673}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9234EA94-C968-4574-894C-72BC12C5ABE8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{99646DB9-6489-4ABA-B94A-1C657FE74FB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{5BAD410E-8E16-4807-9CDF-71A605324C75}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{F32BC3ED-2C74-48C7-B434-D1B7F6509D33}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [{A3FF6EF4-0EAB-4432-BF6D-0282FA359740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9B74D3DA-9B84-4737-B366-CC3D635F9D3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{879CE865-2FB7-4C34-8D7F-C9EC724B0593}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3755EEF4-511C-45D1-8E5A-4245911B7ADE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{506112E1-7F75-4452-83C6-86278564C835}] => (Block) LPort=445
FirewallRules: [{0587DDA9-5A9D-463C-84F3-29C86CC1D3F0}] => (Block) LPort=445
FirewallRules: [{06AFF714-1CFC-4BBF-BD8B-C5C4CFFF65D2}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{B903561F-DB08-4476-93F1-54C519459239}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{768A0F84-6DD9-4352-A896-60C93847167C}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{BA23D28E-3CE9-474A-800F-A2A9678A8DCF}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{D9C1F29F-267D-4834-85A2-6DAED1D7F7A1}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{A4577353-D512-4883-B2A8-D0174A77912E}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{43506699-BFA8-46C7-969F-36967A2F916A}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [UDP Query User{8F6C3A22-040D-4240-A790-EA72FBB48700}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [{4A78B1A6-BA93-4862-9956-E5F4A61798DC}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1069FC0-E1C0-4EC8-9655-982223D106DE}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1687F9A-B6F3-4991-83BF-9D2332945C9D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{53E3A275-E5E2-4309-9739-729C7E408F7A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A5B4CB04-8996-4A0C-9B1A-92AAC1593820}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{9994FB61-FF84-4D3B-B89A-7E2EC83D5742}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B6F77E66-C7F8-4308-9E92-DDFDFD778963}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B208465D-56D4-4E2B-BB71-D03F66B4F63A}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{ADBF8810-7BB8-46ED-AE42-4D4EC50F3DFE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{AD36DD4E-5A34-4B7D-B659-EB24EE8D6334}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{43B12C5E-F5B1-4DDF-B4CC-DF45126E5CF3}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{73867CCB-A603-4360-8D68-1B4B9DB5DCDE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{F3341A93-B7EE-4CC0-BE50-90DCA7C5D6F1}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F05F7456-12A5-4B2C-BA74-7BDEA71D26BA}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFBDBE72-1568-477C-AE67-D5485B12B9B3}] => (Allow) C:\Program Files\Opera\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BF58789D-876E-4408-8828-BA55037582A6}] => (Allow) C:\Program Files\Opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E591E108-FE5D-466D-93FA-405D136B5645}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C2201953-1DB5-4E39-BC32-3E565CC4A69E}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{A45C2DF5-BC06-4315-AF21-1CA46EA76BA7}] => (Allow) C:\Windows\ehome\ehrecvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4ABB75EC-78C7-4026-AD56-610A37A56746}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{607D3005-3420-4C7A-BF81-3468378072A8}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
==================== Restore Points =========================
07-10-2020 22:28:13 Revo Uninstaller's restore point - Avast Cleanup Premium
07-10-2020 22:32:24 Revo Uninstaller's restore point - Microsoft Edge
31-10-2020 22:59:31 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: HWiNFO Kernel Driver
Description: HWiNFO Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HWiNFO
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/08/2020 09:41:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 78.0.2.7494 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 20e4
Čas spuštění: 01d6b5fd99075a4a
Čas ukončení: 10490
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: 1f341f80-2202-11eb-a521-e97e627cf197
Error: (11/08/2020 09:23:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 08:23:18 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 07:23:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 06:23:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 05:26:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 86.0.4240.183, časové razítko: 0x5f9f4e8b
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb7a5
Kód výjimky: 0xc0000374
Posun chyby: 0x000c3c77
ID chybujícího procesu: 0x1524
Čas spuštění chybující aplikace: 0x01d6b5b2db6d7932
Cesta k chybující aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 254e165a-21df-11eb-a521-e97e627cf197
Error: (11/08/2020 05:23:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 04:23:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (11/08/2020 10:35:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba CCleaner Browser Update (ccleaner) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/08/2020 10:35:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba CCleaner Browser Update (ccleaner) bylo dosaženo časového limitu (30000 ms).
Error: (11/08/2020 10:34:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/07/2020 10:10:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (11/07/2020 10:06:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/06/2020 06:51:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/05/2020 08:58:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/04/2020 11:20:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2015-01-16 15:32:01.178
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll;folder:C:\Program Files\Settings Manager\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-16 15:21:07.502
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-13 20:57:23.600
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 18:05:50.229
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:4204,ProcessStart:130652960117988281;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 17:55:24.089
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2016-08-06 21:37:52.669
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.225.2931.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.12902.0
Kód chyby:0x800704c8
Popis chyby:Požadovanou operaci nelze provést se souborem, jehož uživateli mapovaný oddíl je otevřen.
Date: 2014-05-16 01:01:57.593
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2014-05-16 01:01:57.588
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
CodeIntegrity:
===================================
Date: 2016-12-19 14:25:43.530
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 14:25:42.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:53.214
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:52.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:44:26.237
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:21.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:15.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:42:52.987
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.80 05/21/2010
Motherboard: ASRock K10N78D
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 85%
Total physical RAM: 3327.18 MB
Available physical RAM: 472.21 MB
Total Virtual: 8285.6 MB
Available Virtual: 1732.54 MB
==================== Drives ================================
Drive c: (Win 7) (Fixed) (Total:298.09 GB) (Free:162.55 GB) NTFS
Drive d: () (Fixed) (Total:17.58 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:46.94 GB) (Free:5.98 GB) NTFS
Drive f: () (Fixed) (Total:3.65 GB) (Free:3.26 GB) NTFS
Drive g: (LINUX) (Fixed) (Total:6.34 GB) (Free:1.94 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: D215FAD2)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 004F4E7D)
Partition 1: (Active) - (Size=17.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=56.9 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2020
Ran by ASRock (administrator) on ASROCK-PC (08-11-2020 21:43:16)
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Megaify Software Co.,Ltd. -> Megaify Software Co., Ltd.) C:\Program Files\DriverToolkit\DriverToolkit.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Syspectr\OOSysAgent.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Rosetta Stone Ltd -> Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psia.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe [1836544 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\...\Windows NT x86\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9Z.DLL [27648 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [272384 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\WSPDFelementMonitor.dll [96968 2017-04-11] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\86.1.6738.114\Installer\chrmstp.exe [2020-11-05] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2020-10-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia -> Secunia)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {072430D6-05BC-4A7F-8B9A-FECBE95662F7} - System32\Tasks\AdobeAAMUpdater-1.0-ASRock-PC-ASRock => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {326A97A1-51E1-4F74-876C-F15C628233F2} - System32\Tasks\Opera scheduled assistant Autoupdate 1582743760 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {371AE9B0-6E59-4547-928F-46D9A6B19BCC} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {3E78145F-6DD9-423E-B7BD-865B8159E683} - System32\Tasks\{91AF20EF-5AF8-4584-8A07-C7C852D86E4F} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\HijackThis.exe -d C:\Users\ASRock\Downloads
Task: {4E2BB29B-171D-4DC7-AE0A-80AD2AD5C537} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
Task: {4EBE5834-C010-4144-9882-E371F8043EC1} - System32\Tasks\Driver Booster SkipUAC (ASRock) => C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5EDC88C4-5E63-4220-92E7-54561F4AC3E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3918440 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
Task: {5F21BFAB-CF74-435E-B7F4-E91BE44E6F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1499240 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {606638E0-228E-4194-AD0A-E65FD8EE66BD} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {6570D0A1-C3E1-4261-8F08-C3C61492279D} - System32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {7679513E-97E8-45E2-97BE-A203121D32C3} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
Task: {799A0D78-2F92-4FCA-86DE-3C0BCF313D80} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {7CA2B169-6A25-4CE3-83D3-2922AE05566B} - System32\Tasks\Google Updater and Installer => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {9818DF56-8865-43F9-91B3-A23976B9A90F} - System32\Tasks\pcupdater_UPDATES => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {999253F8-7BA1-49B9-96B7-5C75E0B49034} - System32\Tasks\Uninstaller_SkipUac_ASRock => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9EFE0CCA-43C6-4905-95C8-20391AB46793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {A3DFC65D-04D5-48EB-9DD8-34A325E8571E} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe [1304040 2015-07-01] (Megaify Software Co.,Ltd. -> Megaify Software Co., Ltd.)
Task: {A5391D08-DB7B-4F92-B137-F6410C1FE499} - System32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {A6E342A7-34E3-420E-9F83-C72B068F907F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000UA => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {AD466674-F486-4C06-8B9A-705C3E6DE535} - System32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\OnLineRecovery_JF620_v9.0.0.28.exe -d C:\Users\ASRock\Downloads
Task: {B02C6B18-6B19-47F5-BB6F-88AF561302D2} - System32\Tasks\MiniTool Shadow Maker => C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe [1027056 2020-08-30] (MiniTool Software Limited -> )
Task: {CCCDC791-06DA-4B93-B256-AB7993955449} - System32\Tasks\Opera scheduled Autoupdate 1496678798 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software)
Task: {CD4DF41D-2236-46F9-99FB-952499E44145} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7027568 2018-02-08] (Reimage Limited -> Reimage®) <==== ATTENTION
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {D51623D4-8DAD-4E68-B832-9C0C5878B77C} - System32\Tasks\ASC10_SkipUac_ASRock => C:\Program Files\IObit\Advanced SystemCare\ASC.exe
Task: {DB3B9057-5496-4400-923D-0BB66E01678D} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E4604FC4-C7E4-405D-AFE0-F0EB1E4B4B42} - System32\Tasks\pcupdaterRunAtStartup => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: {EABEF607-18D2-4BD1-930A-F7893C0B58F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F2B5AF81-2F58-41CE-9560-A71A32D5B48D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FF8FC8BA-12CD-4E89-8D3B-8EFAB2B00272} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Winsock: Catalog9 19 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664 2010-01-21] (NVIDIA Corporation -> NVIDIA)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{E33BE343-EF5F-45B5-8D94-A4D01331B8FF}: [DhcpNameServer] 46.16.122.2
FireFox:
========
FF DefaultProfile: j9cebcfi.default
FF ProfilePath: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default [2020-11-08]
FF user.js: detected! => C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\user.js [2016-07-24]
FF Homepage: Mozilla\Firefox\Profiles\j9cebcfi.default -> hxxps://www.seznam.cz/?clid=22668
FF Extension: (Dashlane) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jetpack-extension@dashlane.com.xpi [2020-11-08] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-05-23] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-11-15]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-11-08]
FF Extension: (Video DownloadHelper) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-05-23]
FF SearchPlugin: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\searchplugins\seznam-avast.xml [2015-03-16]
FF HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-04] (Google Inc -> Google)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=1.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\ASRock\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-gemius.js [2016-07-16]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default [2020-11-08]
CHR Notifications: Default -> hxxps://app.mondly.com; hxxps://cs.duolingo.com; hxxps://jak-vydelat-penize.pushresponse.net; hxxps://james.darpinian.com; hxxps://novaplus.nova.cz; hxxps://www.chip.cz; hxxps://www.easeus.com; hxxps://www.esky.cz; hxxps://zpravy.aktualne.cz
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://centrum.cz/","hxxps://www.duolingo.com/","hxxps://app.mondly. ... x.php/live"
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2019-08-12]
CHR Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-07-05]
CHR Extension: (Dashlane - Password Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-11-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-10-31]
CHR Extension: (Duolingo Tweaks) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcankdajnfcbepbhjhfechmandhfplen [2015-12-06]
CHR Extension: (Duolingo Vocabulary Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmcjokbicehcaojghjmhfjnaooffcd [2015-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-10]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [217088 2012-11-16] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2511456 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
R2 EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
R2 FoxitReaderUpdateService; C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [729632 2020-10-30] (McAfee, LLC -> McAfee, LLC)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [676336 2020-08-30] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [204272 2020-08-30] (MiniTool Software Limited -> )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
S3 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7027568 2018-02-08] (Reimage Limited -> Reimage®)
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia -> Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SyspectrAgent; C:\Program Files\OO Software\Syspectr\OOSysAgent.exe [310328 2020-09-18] (O&O Software GmbH -> O&O Software GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [263056 2011-08-01] (Western Digital Technologies, Inc. -> WDC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [290304 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [78848 2016-07-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AVerA706; C:\Windows\System32\DRIVERS\AVerA706.sys [1223040 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1203200 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd -> DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [23688 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [17672 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [66184 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\Windows\system32\drivers\EUEDKEPM.sys [21640 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [13832 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [52376 2020-01-28] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\Windows\system32\drivers\HWiNFO32_150.SYS [53152 2020-05-24] (Martin Malik - REALiX -> REALiX(tm))
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [73984 2020-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [169472 2016-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [18944 2010-03-22] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia -> Secunia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2011-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
Error(1) reading file: "C:\Users\ASRock\Downloads\VideoDownloadConvertCrxSetup.12C08EE7-9AD5-4867-88BB-F1C671A8C0D5.exe"
2020-11-08 21:43 - 2020-11-08 21:48 - 000037803 _____ C:\Users\ASRock\Downloads\FRST.txt
2020-11-08 21:30 - 2020-11-08 21:32 - 002012672 _____ (Farbar) C:\Users\ASRock\Downloads\FRST.exe
2020-11-08 21:13 - 2020-11-08 21:13 - 000053473 _____ C:\Users\ASRock\Downloads\Vypis_z_uctu-2401825416_20201001-20201031_cislo-5.pdf
2020-11-08 16:20 - 2020-11-08 16:20 - 001107968 _____ C:\Users\ASRock\Downloads\RSIT.exe
2020-11-08 16:07 - 2020-11-08 16:11 - 000060069 _____ C:\Users\ASRock\Desktop\Addition.txt
2020-11-08 16:01 - 2020-11-08 16:11 - 000038024 _____ C:\Users\ASRock\Desktop\FRST.txt
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (6).pdf
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (5).pdf
2020-11-07 22:13 - 2020-11-07 22:13 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Foxit
2020-11-02 21:06 - 2020-11-02 21:06 - 000000000 ____D C:\Users\ASRock\Downloads\Simca
2020-11-02 20:56 - 2020-11-02 20:59 - 406931777 _____ C:\Users\ASRock\Downloads\Simca.zip
2020-10-27 22:55 - 2020-11-08 21:14 - 000223766 _____ C:\Windows\ntbtlog.txt
2020-10-26 20:33 - 2020-10-26 20:34 - 000007664 _____ C:\Users\ASRock\Documents\cc_20201026_203352.reg
2020-10-26 20:23 - 2020-10-26 20:24 - 029853224 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup573.exe
2020-10-21 23:09 - 2020-10-21 23:09 - 000570586 _____ (Authorsoft Corporation ) C:\Users\ASRock\Downloads\USBFormatToolSetup (1).exe
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\Users\Public\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\ProgramData\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 14.5
2020-10-20 23:41 - 2020-07-07 14:14 - 000149128 _____ C:\Windows\system32\setupempdrv03.exe
2020-10-20 23:41 - 2020-07-07 14:14 - 000023688 _____ C:\Windows\system32\epmntdrv.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000013832 _____ C:\Windows\system32\EuGdiDrv.sys
2020-10-20 23:41 - 2020-07-07 14:12 - 003734664 _____ C:\Windows\system32\BootMan.exe
2020-10-20 23:41 - 2020-07-07 14:12 - 000024712 _____ C:\Windows\system32\EuEpmGdi.dll
2020-10-20 23:41 - 2020-07-07 14:11 - 000066184 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-10-20 23:41 - 2020-07-07 14:11 - 000021640 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-10-20 23:41 - 2020-02-23 13:49 - 000000057 _____ C:\Windows\system32\setupepmdrv.ini
2020-10-20 23:40 - 2020-10-20 23:40 - 047169616 _____ (EaseUS ) C:\Users\ASRock\Downloads\epm_free_easeus.exe
2020-10-20 23:40 - 2020-10-20 23:40 - 000000000 ____D C:\Program Files\EaseUS
2020-10-20 23:39 - 2020-10-20 23:39 - 001710608 _____ C:\Users\ASRock\Downloads\epm_free_installer.exe
2020-10-20 23:06 - 2020-10-20 23:06 - 000226437 _____ C:\Users\ASRock\Downloads\Stepankovi_2.pdf.zip
2020-10-20 00:30 - 2020-10-20 00:30 - 000080038 _____ C:\Users\ASRock\Downloads\kupon.pdf
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\ProgramData\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-10-18 09:04 - 2020-10-18 09:03 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-18 09:03 - 2020-10-18 09:03 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-18 09:03 - 2020-10-18 09:03 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-17 22:19 - 2020-10-17 22:19 - 000000000 ____D C:\Users\ASRock\Downloads\Honza_Kozel.pdf
2020-10-17 22:16 - 2020-10-17 22:17 - 000206693 _____ C:\Users\ASRock\Downloads\Honza_Kozel.pdf.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-08 21:46 - 2017-11-23 10:39 - 000000000 ____D C:\FRST
2020-11-08 21:27 - 2016-09-09 22:25 - 000000000 ____D C:\Users\ASRock\AppData\Local\AVAST Software
2020-11-08 20:12 - 2013-08-16 20:00 - 000000000 ____D C:\Users\ASRock\Desktop\Pro Honzíka
2020-11-08 19:34 - 2020-07-09 21:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-08 19:33 - 2017-04-03 08:47 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Mozilla
2020-11-08 16:20 - 2013-04-24 19:25 - 000000000 ____D C:\Program Files\trend micro
2020-11-08 12:19 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-08 12:19 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-08 12:13 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
2020-11-08 12:13 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
2020-11-08 12:13 - 2020-10-01 23:33 - 000002998 _____ C:\Windows\system32\Tasks\MiniTool Shadow Maker
2020-11-08 12:13 - 2020-10-01 23:32 - 000003184 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2020-11-08 12:13 - 2020-09-18 19:34 - 000003176 _____ C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
2020-11-08 12:13 - 2020-09-04 19:04 - 000002708 _____ C:\Windows\system32\Tasks\DriverToolkit Autorun
2020-11-08 12:13 - 2020-09-04 19:04 - 000000348 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2020-11-08 12:13 - 2020-07-06 21:32 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-08 12:13 - 2019-07-18 11:39 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-11-08 12:13 - 2019-07-18 11:38 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-11-08 12:13 - 2019-07-18 11:37 - 000003426 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-11-08 12:13 - 2019-07-18 11:37 - 000003298 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-11-08 12:13 - 2018-08-20 11:40 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-08 12:13 - 2017-11-22 18:06 - 000003836 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1496678798
2020-11-08 12:13 - 2017-11-09 00:06 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-08 12:13 - 2015-12-03 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-11-08 12:13 - 2015-05-16 22:51 - 000000924 _____ C:\Windows\Tasks\Google Software Updater.job
2020-11-08 12:13 - 2011-08-18 02:09 - 000003586 _____ C:\Windows\system32\Tasks\Google Software Updater
2020-11-08 12:13 - 2011-08-18 02:09 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-08 12:13 - 2011-08-18 02:09 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-08 10:59 - 2020-10-01 23:34 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\QtProject
2020-11-08 10:48 - 2011-03-07 17:49 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-08 10:36 - 2017-03-13 21:54 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-08 10:32 - 2016-05-31 15:13 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-11-08 10:32 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-08 02:02 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\tracing
2020-11-06 19:04 - 2020-05-29 14:30 - 000001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:37 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-04 23:42 - 2014-02-22 21:06 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-03 21:57 - 2017-06-05 17:06 - 000000000 ____D C:\Program Files\Opera
2020-10-31 00:34 - 2011-03-07 17:09 - 001704428 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 00:34 - 2009-07-14 09:44 - 000713412 _____ C:\Windows\system32\perfh005.dat
2020-10-31 00:34 - 2009-07-14 09:44 - 000158440 _____ C:\Windows\system32\perfc005.dat
2020-10-31 00:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-26 20:34 - 2014-10-19 21:29 - 000796160 ___SH C:\Users\ASRock\Desktop\Thumbs.db
2020-10-26 20:26 - 2011-03-21 00:23 - 000000934 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-10-26 20:26 - 2011-03-21 00:23 - 000000934 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000001099 _____ C:\Users\ASRock\Desktop\USB Disk Storage Format Tool.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000000063 _____ C:\Users\ASRock\Desktop\Create Bootable USB.url
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.3
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\Program Files\USB Disk Storage Format Tool
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\Users\Public\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\ProgramData\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-19 21:47 - 2012-05-06 17:59 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Skype
2020-10-19 21:46 - 2016-08-25 21:41 - 000000000 ____D C:\ProgramData\Foxit Software
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\ProgramData\Documents\pre_fileassoc.tmp
2020-10-18 09:19 - 2020-04-15 18:34 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-18 09:06 - 2011-03-26 10:56 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-18 09:03 - 2019-01-08 23:14 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-18 09:03 - 2019-01-08 23:14 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-18 09:03 - 2018-11-15 20:43 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-18 09:03 - 2012-03-14 14:35 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-18 09:03 - 2011-03-07 17:50 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-18 09:02 - 2019-01-14 20:32 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-18 09:02 - 2019-01-08 23:14 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-10-18 09:02 - 2018-01-10 20:27 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-18 09:02 - 2011-03-07 17:50 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-15 23:41 - 2014-05-29 10:05 - 000000000 ____D C:\Users\ASRock\Desktop\SonEric_28_5_2014
2020-10-14 22:38 - 2013-02-14 17:37 - 000000000 ____D C:\Users\ASRock\Desktop\RECEPTY
==================== Files in the root of some directories ========
2013-09-19 16:58 - 2013-09-19 16:58 - 000000000 _____ () C:\Users\ASRock\AppData\Roaming\pdfperformer
2015-01-05 14:23 - 2015-01-05 14:25 - 000011264 ___SH () C:\Users\ASRock\AppData\Roaming\Thumbs.db
2011-06-23 17:32 - 2016-06-06 22:30 - 000006144 _____ () C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-23 19:04 - 2018-06-23 19:04 - 000000001 _____ () C:\Users\ASRock\AppData\Local\llftool.4.40.agreement
2016-01-16 15:19 - 2016-01-16 15:19 - 000003977 _____ () C:\Users\ASRock\AppData\Local\recently-used.xbel
2011-09-05 13:04 - 2012-04-11 23:24 - 000007605 _____ () C:\Users\ASRock\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-05 21:39
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2020
Ran by ASRock (08-11-2020 21:56:42)
Running from C:\Users\ASRock\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-03-07 15:57:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2661226761-2934294044-4021329715-500 - Administrator - Disabled)
ASRock (S-1-5-21-2661226761-2934294044-4021329715-1000 - Administrator - Enabled) => C:\Users\ASRock
Guest (S-1-5-21-2661226761-2934294044-4021329715-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2661226761-2934294044-4021329715-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (HKLM\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
AbiWord 2.8.6 (HKLM\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM\...\{0CAE2FF0-AFC9-733D-EC3C-04BCB6B3C06F}) (Version: 2.0.4251.33734 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CalcRC 2.5 verze 2.5 (HKLM\...\{A50CCD4D-7B79-47D9-B6B8-415E4D9A1E9C}}_is1) (Version: 2.5 - Tomecek)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.73 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 86.1.6738.114 - Autoři prohlížeče CCleaner Browser)
CSE HTML Validator Standard v12.03 (HKLM\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Driver Install 32bit (HKLM\...\{98ECAF17-9201-4E2D-B689-4F277C12FB17}) (Version: 1.32.1748.0 - Shenzhen Geniatech Inc.,Ltd)
DriverIdentifier 5.1 (HKLM\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
DriverToolkit version 8.5.0.0 (HKLM\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software)
EaseUS Partition Master 14.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EyeTV Netstream for Windows Media Center (HKLM\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
FastStone Image Viewer 4.2 (HKLM\...\FastStone Image Viewer) (Version: 4.2 - FastStone Soft)
File Identifier (HKLM\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.10 - Sharpened Productions)
File Viewer Plus (HKLM\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.0.0 - Sharpened Productions)
Firehand Ember (HKLM\...\Firehand Ember) (Version: - )
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - )
GeoShow3D Lite (HKLM\...\GeoShow3D Lite) (Version: - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Goniometrické funkce (HKLM\...\Goniometrické funkce) (Version: - )
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 86.0.4240.183 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
Hard Disk Low Level Format Tool 4.40 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.50 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
Hetman Partition Recovery 2.2 (HKLM\...\Hetman Partition Recovery) (Version: - )
HWiNFO32 Version 6.26 (HKLM\...\HWiNFO32_is1) (Version: 6.26 - Martin Malik - REALiX)
Icecream Screen Recorder version 1.37 (HKLM\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 1.37 - Icecream Apps)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 251 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\jdownloader09) (Version: 0.9 - AppWork GmbH)
KiCad 2013.03.04 (HKLM\...\KiCad) (Version: 2013.03.04 - )
Ladicka (HKLM\...\Ladicka) (Version: - )
Media Go (HKLM\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.109.05220 (HKLM\...\{B48AA269-C017-875E-AE23-CE1DCEE07626}) (Version: 2.20.109.05220 - Sony)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MiniTool Partition Wizard verze 1.5 (HKLM\...\MiniTool Partition Wizard_is1) (Version: 1.5 - )
MiniTool ShadowMaker PW Edition (HKLM\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.5 - MiniTool Software Limited)
Minus Desktop Tool 1.7 (HKLM\...\Minus_is1) (Version: 1.7 - Minus Inc.)
Mozilla Firefox 78.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 78.0.2 (x86 en-US)) (Version: 78.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2.7494 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
Nero 7 Essentials (HKLM\...\{9B4E6CB9-E54D-47F7-A414-E2D5740E1029}) (Version: 7.02.8507 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
O&O Syspectr (HKLM\...\{CE8921E4-D3AC-43A6-BD3D-356546A076D7}) (Version: 0.200.46 - O&O Software GmbH)
OpenOffice 4.1.7 (HKLM\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
OpenWith.org 1.0.3 (HKLM\...\{B52F8C4B-FE88-4B59-9B80-1C93669D7DEB}_is1) (Version: - OpenWith.org)
Opera Stable 37.0.2178.32 (HKU\.DEFAULT\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software)
Opera Stable 72.0.3815.186 (HKLM\...\Opera 72.0.3815.186) (Version: 72.0.3815.186 - Opera Software)
Paragon Partition Manager™ 2013 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCLab (HKLM\...\PCLab) (Version: - )
PDF Editor 5 (HKLM\...\PDF Editor 5) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
ProfiCAD (HKLM\...\ProfiCAD_is1) (Version: - )
Psaní všemi deseti 1.5 (HKLM\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
RadarSync PC Updater 2012 (HKLM\...\RadarSync PC Updater 2012_is1) (Version: 4.1.0.14931 - RadarSync Ltd)
rajče průvodce verze 1.59.45.260 (HKLM\...\rajče.net_is1) (Version: - rajče.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MP550 series (HKLM\...\Registrace uživatele zařízení Canon MP550 series) (Version: - )
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scope (HKLM\...\{59E13EA0-9604-47DF-BEB7-3651E6E09221}) (Version: 1.22.0 - Zeitnitz)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SequoiaView (HKLM\...\SequoiaView) (Version: - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Seznam Software (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype verze 8.65 (HKLM\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Smart Switch (HKLM\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19091.5 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19091.5 - Samsung Electronics Co., Ltd.)
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Control v2.15 (HKLM\...\Sound Control_is1) (Version: - Really Effective)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TotalDocConverter (HKLM\...\Total Doc Converter_is1) (Version: - Softplicity, Inc.)
TotalTV Player (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Unity Web Player (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Universal Viewer (HKLM\...\Universal Viewer) (Version: - UVViewSoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
USB Flash Drive Format Tool 1.0 (HKLM\...\USB Flash Drive Format Tool_is1) (Version: - Rogosoft Corporation)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VideoMate T, M, P, S Series Driver (HKLM\...\{41E340F0-0BD6-4A87-AF29-E9E584471756}) (Version: 1.39.100 - )
Visual Analyser 2011 (HKLM\...\{BE2F9F39-9512-4DFD-A412-0355A2FE66D3}) (Version: 14.0.0.19 - Alfredo Accattatis)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
WebAdvisor od společnosti McAfee (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.163 - McAfee, LLC)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.2.2) (HKLM\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.2.2.2615 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 7.5.3) (HKLM\...\{77078E40-A92E-47FD-A0F6-168A4BF6CF3A}_is1) (Version: 7.5.3.4801 - Wondershare Software Co.,Ltd.)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
Xml Viewer (HKLM\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Context 4 Lite (HKLM\...\{B55C39AA-34DB-11D5-A3A9-004F4E01877A}) (Version: 4.0.0.0 - Zoner software, s.r.o.)
Zoom (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7B0EFEE5-076F-A2E3-8F15-9DDAC7CC61C3}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [OpenWith.org] -> {1569D0D3-1127-48A2-A4BC-958553F472C5} => C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll [2009-03-13] (OpenWith.org) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x86.dll [2020-04-16] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Program Files\TotalDocConverter\axTotalConverter.dll [2006-11-30] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers2: [Hetman Partition Recovery] -> {66953641-5DA9-4A81-82E8-2727300BBD29} => C:\Program Files\Hetman Software\Hetman Partition Recovery 2.2\Resources\DiskMenu.dll [2014-11-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2013-04-15 09:06 - 2013-04-15 09:06 - 000032768 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 09:06 - 2013-04-15 09:06 - 000014848 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000085504 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\coresync.dll
2020-10-01 23:32 - 2019-08-15 04:52 - 000064000 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\SMTPEmail.dll
2011-10-14 10:21 - 2006-11-30 15:03 - 000434688 _____ () [File not signed] C:\Program Files\TotalDocConverter\axTotalConverter.dll
2010-11-02 07:33 - 2010-11-02 07:33 - 000886272 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
2011-08-01 06:34 - 2011-08-01 06:34 - 000064000 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
2011-06-02 11:23 - 2010-04-24 04:00 - 000272384 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM9Z.DLL
2011-03-19 15:27 - 2010-04-24 05:00 - 000560640 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMDR9Z.DLL
2011-03-19 15:27 - 2010-04-24 05:00 - 002721280 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMUI9Z.DLL
2011-03-19 15:28 - 2010-04-24 05:00 - 000027648 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\CNMPD9Z.DLL
2020-10-01 23:32 - 2020-08-29 04:47 - 000150016 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000055808 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll
2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2003-03-19 07:14 - 2003-03-19 07:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
2003-02-21 15:42 - 2003-02-21 15:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
2003-03-19 07:20 - 2003-03-19 07:20 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2011-12-14 21:38 - 2011-12-14 21:38 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\MSVCP140.dll
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\ucrtbase.DLL
2020-11-08 19:02 - 2020-11-08 19:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110802\avast.local_vc142.crt\VCRUNTIME140.dll
2020-10-01 23:32 - 2013-09-20 10:21 - 000067072 _____ (NT KERNEL RESOURCES LAB.) [File not signed] C:\Program Files\MiniTool ShadowMaker\vdskapi.dll
2012-01-03 14:07 - 2009-03-13 16:36 - 000026112 _____ (OpenWith.org) [File not signed] C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll
2020-09-23 21:48 - 2020-09-23 21:48 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\OO Software\Syspectr\SQLite.Interop.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000689664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 001228288 _____ (TODO: <Company name>) [File not signed] C:\Program Files\MiniTool ShadowMaker\core7z.dll
2020-09-23 21:49 - 2020-07-22 14:11 - 002122240 _____ (TODO: <Company name>) [File not signed] C:\Program Files\OO Software\Syspectr\Modules\8648d6ec-91ba-46f4-a6f4-2c2c58d88daf\CDI-Lib-Win32.dat
2011-08-01 09:07 - 2011-08-01 09:07 - 000329728 _____ (Western Digital) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-10-30] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\Geniatech\TotalTV Player\THCDeskBand.dll [2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Skype Technologies SA -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2019-01-04 20:22 - 000000068 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ASRock\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 46.16.122.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avast Cleanup Premium.lnk => C:\Windows\pss\Avast Cleanup Premium.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sound Control.lnk => C:\Windows\pss\Sound Control.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 4\ashsnap.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\ASRock\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\ASRock\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ASRock\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NeroFilterCheck =>
MSCONFIG\startupreg: Opera Browser Assistant => C:\Program Files\Opera\assistant\browser_assistant.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TuneupUI.exe => "C:\Program Files\Avast Software\Cleanup\TuneupUI.exe" /nogui
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{60DF021B-9A80-4628-95ED-BEC6B27D1B21}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BCE470F4-3112-40D4-83FA-0E36EB48420A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{93B6E010-6A25-4F30-B398-F3EC5D0DD673}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9234EA94-C968-4574-894C-72BC12C5ABE8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{99646DB9-6489-4ABA-B94A-1C657FE74FB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{5BAD410E-8E16-4807-9CDF-71A605324C75}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{F32BC3ED-2C74-48C7-B434-D1B7F6509D33}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [{A3FF6EF4-0EAB-4432-BF6D-0282FA359740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9B74D3DA-9B84-4737-B366-CC3D635F9D3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{879CE865-2FB7-4C34-8D7F-C9EC724B0593}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3755EEF4-511C-45D1-8E5A-4245911B7ADE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{506112E1-7F75-4452-83C6-86278564C835}] => (Block) LPort=445
FirewallRules: [{0587DDA9-5A9D-463C-84F3-29C86CC1D3F0}] => (Block) LPort=445
FirewallRules: [{06AFF714-1CFC-4BBF-BD8B-C5C4CFFF65D2}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{B903561F-DB08-4476-93F1-54C519459239}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{768A0F84-6DD9-4352-A896-60C93847167C}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{BA23D28E-3CE9-474A-800F-A2A9678A8DCF}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{D9C1F29F-267D-4834-85A2-6DAED1D7F7A1}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{A4577353-D512-4883-B2A8-D0174A77912E}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{43506699-BFA8-46C7-969F-36967A2F916A}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [UDP Query User{8F6C3A22-040D-4240-A790-EA72FBB48700}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [{4A78B1A6-BA93-4862-9956-E5F4A61798DC}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1069FC0-E1C0-4EC8-9655-982223D106DE}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1687F9A-B6F3-4991-83BF-9D2332945C9D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{53E3A275-E5E2-4309-9739-729C7E408F7A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A5B4CB04-8996-4A0C-9B1A-92AAC1593820}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{9994FB61-FF84-4D3B-B89A-7E2EC83D5742}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B6F77E66-C7F8-4308-9E92-DDFDFD778963}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B208465D-56D4-4E2B-BB71-D03F66B4F63A}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{ADBF8810-7BB8-46ED-AE42-4D4EC50F3DFE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{AD36DD4E-5A34-4B7D-B659-EB24EE8D6334}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{43B12C5E-F5B1-4DDF-B4CC-DF45126E5CF3}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{73867CCB-A603-4360-8D68-1B4B9DB5DCDE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{F3341A93-B7EE-4CC0-BE50-90DCA7C5D6F1}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F05F7456-12A5-4B2C-BA74-7BDEA71D26BA}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFBDBE72-1568-477C-AE67-D5485B12B9B3}] => (Allow) C:\Program Files\Opera\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BF58789D-876E-4408-8828-BA55037582A6}] => (Allow) C:\Program Files\Opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E591E108-FE5D-466D-93FA-405D136B5645}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C2201953-1DB5-4E39-BC32-3E565CC4A69E}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{A45C2DF5-BC06-4315-AF21-1CA46EA76BA7}] => (Allow) C:\Windows\ehome\ehrecvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4ABB75EC-78C7-4026-AD56-610A37A56746}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{607D3005-3420-4C7A-BF81-3468378072A8}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
==================== Restore Points =========================
07-10-2020 22:28:13 Revo Uninstaller's restore point - Avast Cleanup Premium
07-10-2020 22:32:24 Revo Uninstaller's restore point - Microsoft Edge
31-10-2020 22:59:31 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: HWiNFO Kernel Driver
Description: HWiNFO Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HWiNFO
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/08/2020 09:41:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 78.0.2.7494 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 20e4
Čas spuštění: 01d6b5fd99075a4a
Čas ukončení: 10490
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: 1f341f80-2202-11eb-a521-e97e627cf197
Error: (11/08/2020 09:23:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 08:23:18 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 07:23:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 06:23:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 05:26:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 86.0.4240.183, časové razítko: 0x5f9f4e8b
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb7a5
Kód výjimky: 0xc0000374
Posun chyby: 0x000c3c77
ID chybujícího procesu: 0x1524
Čas spuštění chybující aplikace: 0x01d6b5b2db6d7932
Cesta k chybující aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 254e165a-21df-11eb-a521-e97e627cf197
Error: (11/08/2020 05:23:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/08/2020 04:23:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (11/08/2020 10:35:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba CCleaner Browser Update (ccleaner) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/08/2020 10:35:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba CCleaner Browser Update (ccleaner) bylo dosaženo časového limitu (30000 ms).
Error: (11/08/2020 10:34:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/07/2020 10:10:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (11/07/2020 10:06:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/06/2020 06:51:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/05/2020 08:58:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/04/2020 11:20:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2015-01-16 15:32:01.178
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll;folder:C:\Program Files\Settings Manager\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-16 15:21:07.502
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-13 20:57:23.600
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 18:05:50.229
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:4204,ProcessStart:130652960117988281;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 17:55:24.089
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2016-08-06 21:37:52.669
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.225.2931.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.12902.0
Kód chyby:0x800704c8
Popis chyby:Požadovanou operaci nelze provést se souborem, jehož uživateli mapovaný oddíl je otevřen.
Date: 2014-05-16 01:01:57.593
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2014-05-16 01:01:57.588
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
CodeIntegrity:
===================================
Date: 2016-12-19 14:25:43.530
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 14:25:42.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:53.214
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:52.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:44:26.237
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:21.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:15.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:42:52.987
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.80 05/21/2010
Motherboard: ASRock K10N78D
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 85%
Total physical RAM: 3327.18 MB
Available physical RAM: 472.21 MB
Total Virtual: 8285.6 MB
Available Virtual: 1732.54 MB
==================== Drives ================================
Drive c: (Win 7) (Fixed) (Total:298.09 GB) (Free:162.55 GB) NTFS
Drive d: () (Fixed) (Total:17.58 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:46.94 GB) (Free:5.98 GB) NTFS
Drive f: () (Fixed) (Total:3.65 GB) (Free:3.26 GB) NTFS
Drive g: (LINUX) (Fixed) (Total:6.34 GB) (Free:1.94 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: D215FAD2)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 004F4E7D)
Partition 1: (Active) - (Size=17.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=56.9 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Díky.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Teď spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re: Kontrola logu- zpomalený PC
Tady je ten log z AdwCleaneru:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-09-2020
# Duration: 00:00:45
# OS: Windows 7 Home Premium
# Cleaned: 62
# Failed: 0
***** [ Services ] *****
Deleted ReimageRealTimeProtector
***** [ Folders ] *****
Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files\Driver Identifier
Deleted C:\Program Files\DriverToolkit
Deleted C:\Program Files\Reimage
Deleted C:\Program Files\Seznam.cz
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare V8
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Deleted C:\ProgramData\Reimage Protector
Deleted C:\Users\ASRock\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\ASRock\AppData\Local\DriverToolkit
Deleted C:\Users\ASRock\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\ASRock\AppData\Roaming\Seznam.cz
Deleted C:\Users\ASRock\AppData\Roaming\driveridentifier
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\rei
***** [ Files ] *****
Deleted C:\Users\ASRock\Documents\PCSUUpdate.exe
Deleted C:\Users\ASRock\Downloads\DriverToolkitInstaller.exe
Deleted C:\Users\ASRock\Downloads\ReimageRepair.exe
Deleted C:\Users\Public\Desktop\DriverToolkit.lnk
Deleted C:\Windows\Reimage.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\ASC10_PERFORMANCEMONITOR
Deleted C:\Windows\System32\Tasks\ASC10_SKIPUAC_ASROCK
Deleted C:\Windows\System32\Tasks\DRIVERTOOLKIT AUTORUN
Deleted C:\Windows\System32\Tasks\REIMAGEUPDATER
Deleted C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.JOB
***** [ Registry ] *****
Deleted HKCU\Software\DriverToolkit
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D51623D4-8DAD-4E68-B832-9C0C5878B77C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E2BB29B-171D-4DC7-AE0A-80AD2AD5C537}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3DFC65D-04D5-48EB-9DD8-34A325E8571E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4DF41D-2236-46F9-99FB-952499E44145}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D51623D4-8DAD-4E68-B832-9C0C5878B77C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_PerformanceMonitor
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_SKIPUAC_ASROCK
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVERTOOLKIT AUTORUN
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater
Deleted HKLM\Software\IOBIT\ASC
Deleted HKLM\Software\IObit\RealTimeProtector
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Opera Browser Assistant
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.szndesktop
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
Deleted HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
Deleted IObit Surfing Protection & Ads Removal - bbmegnmpleoagolcnjnejdacakedpcgd
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\ASRock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\Public\Desktop\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Program Files\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\ASRock\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6412 octets] - [31/01/2020 23:11:52]
AdwCleaner[S01].txt - [7176 octets] - [09/11/2020 20:42:06]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-09-2020
# Duration: 00:00:45
# OS: Windows 7 Home Premium
# Cleaned: 62
# Failed: 0
***** [ Services ] *****
Deleted ReimageRealTimeProtector
***** [ Folders ] *****
Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files\Driver Identifier
Deleted C:\Program Files\DriverToolkit
Deleted C:\Program Files\Reimage
Deleted C:\Program Files\Seznam.cz
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare V8
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Deleted C:\ProgramData\Reimage Protector
Deleted C:\Users\ASRock\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\ASRock\AppData\Local\DriverToolkit
Deleted C:\Users\ASRock\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\ASRock\AppData\Roaming\Seznam.cz
Deleted C:\Users\ASRock\AppData\Roaming\driveridentifier
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\rei
***** [ Files ] *****
Deleted C:\Users\ASRock\Documents\PCSUUpdate.exe
Deleted C:\Users\ASRock\Downloads\DriverToolkitInstaller.exe
Deleted C:\Users\ASRock\Downloads\ReimageRepair.exe
Deleted C:\Users\Public\Desktop\DriverToolkit.lnk
Deleted C:\Windows\Reimage.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\ASC10_PERFORMANCEMONITOR
Deleted C:\Windows\System32\Tasks\ASC10_SKIPUAC_ASROCK
Deleted C:\Windows\System32\Tasks\DRIVERTOOLKIT AUTORUN
Deleted C:\Windows\System32\Tasks\REIMAGEUPDATER
Deleted C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.JOB
***** [ Registry ] *****
Deleted HKCU\Software\DriverToolkit
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D51623D4-8DAD-4E68-B832-9C0C5878B77C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E2BB29B-171D-4DC7-AE0A-80AD2AD5C537}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3DFC65D-04D5-48EB-9DD8-34A325E8571E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4DF41D-2236-46F9-99FB-952499E44145}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D51623D4-8DAD-4E68-B832-9C0C5878B77C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_PerformanceMonitor
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_SKIPUAC_ASROCK
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVERTOOLKIT AUTORUN
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater
Deleted HKLM\Software\IOBIT\ASC
Deleted HKLM\Software\IObit\RealTimeProtector
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Opera Browser Assistant
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.szndesktop
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
Deleted HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
Deleted IObit Surfing Protection & Ads Removal - bbmegnmpleoagolcnjnejdacakedpcgd
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\ASRock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\Public\Desktop\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Program Files\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\ASRock\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6412 octets] - [31/01/2020 23:11:52]
AdwCleaner[S01].txt - [7176 octets] - [09/11/2020 20:42:06]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re:Tady jsou: Kontrola logu- zpomalený PC
Tady jsou:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2020
Ran by ASRock (administrator) on ASROCK-PC (10-11-2020 00:06:26)
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(GENIATECH INC.,LTD) [File not signed] C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\ASRock\Downloads\adwcleaner_8.0.8.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Syspectr\OOSysAgent.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Rosetta Stone Ltd -> Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psia.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [26782904 2020-11-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe [1836544 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\...\Windows NT x86\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9Z.DLL [27648 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [272384 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\WSPDFelementMonitor.dll [96968 2017-04-11] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\86.1.6738.114\Installer\chrmstp.exe [2020-11-05] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2020-10-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia -> Secunia)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {072430D6-05BC-4A7F-8B9A-FECBE95662F7} - System32\Tasks\AdobeAAMUpdater-1.0-ASRock-PC-ASRock => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {326A97A1-51E1-4F74-876C-F15C628233F2} - System32\Tasks\Opera scheduled assistant Autoupdate 1582743760 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {3549F552-257B-48A8-832E-D9CB69C7399F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {371AE9B0-6E59-4547-928F-46D9A6B19BCC} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {3E78145F-6DD9-423E-B7BD-865B8159E683} - System32\Tasks\{91AF20EF-5AF8-4584-8A07-C7C852D86E4F} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\HijackThis.exe -d C:\Users\ASRock\Downloads
Task: {4EBE5834-C010-4144-9882-E371F8043EC1} - System32\Tasks\Driver Booster SkipUAC (ASRock) => C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5EDC88C4-5E63-4220-92E7-54561F4AC3E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3918440 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
Task: {5F21BFAB-CF74-435E-B7F4-E91BE44E6F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1499240 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {606638E0-228E-4194-AD0A-E65FD8EE66BD} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {6570D0A1-C3E1-4261-8F08-C3C61492279D} - System32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {7679513E-97E8-45E2-97BE-A203121D32C3} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
Task: {799A0D78-2F92-4FCA-86DE-3C0BCF313D80} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {7CA2B169-6A25-4CE3-83D3-2922AE05566B} - System32\Tasks\Google Updater and Installer => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {9818DF56-8865-43F9-91B3-A23976B9A90F} - System32\Tasks\pcupdater_UPDATES => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {999253F8-7BA1-49B9-96B7-5C75E0B49034} - System32\Tasks\Uninstaller_SkipUac_ASRock => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9EFE0CCA-43C6-4905-95C8-20391AB46793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {A5391D08-DB7B-4F92-B137-F6410C1FE499} - System32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {A6E342A7-34E3-420E-9F83-C72B068F907F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000UA => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {AD466674-F486-4C06-8B9A-705C3E6DE535} - System32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\OnLineRecovery_JF620_v9.0.0.28.exe -d C:\Users\ASRock\Downloads
Task: {B02C6B18-6B19-47F5-BB6F-88AF561302D2} - System32\Tasks\MiniTool Shadow Maker => C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe [1027056 2020-08-30] (MiniTool Software Limited -> )
Task: {CCCDC791-06DA-4B93-B256-AB7993955449} - System32\Tasks\Opera scheduled Autoupdate 1496678798 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software)
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DB3B9057-5496-4400-923D-0BB66E01678D} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E4604FC4-C7E4-405D-AFE0-F0EB1E4B4B42} - System32\Tasks\pcupdaterRunAtStartup => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: {F2B5AF81-2F58-41CE-9560-A71A32D5B48D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FF8FC8BA-12CD-4E89-8D3B-8EFAB2B00272} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26782904 2020-11-04] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{E33BE343-EF5F-45B5-8D94-A4D01331B8FF}: [DhcpNameServer] 46.16.122.2
FireFox:
========
FF DefaultProfile: j9cebcfi.default
FF ProfilePath: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default [2020-11-09]
FF user.js: detected! => C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\user.js [2016-07-24]
FF Homepage: Mozilla\Firefox\Profiles\j9cebcfi.default -> hxxps://www.seznam.cz/?clid=22668
FF Extension: (Dashlane) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jetpack-extension@dashlane.com.xpi [2020-11-08] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-05-23] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-11-15]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-11-08]
FF Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2020-11-09] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (Video DownloadHelper) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-05-23]
FF SearchPlugin: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\searchplugins\seznam-avast.xml [2015-03-16]
FF HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-04] (Google Inc -> Google)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=1.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\ASRock\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-gemius.js [2016-07-16]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default [2020-11-10]
CHR Notifications: Default -> hxxps://app.mondly.com; hxxps://cs.duolingo.com; hxxps://jak-vydelat-penize.pushresponse.net; hxxps://james.darpinian.com; hxxps://novaplus.nova.cz; hxxps://www.chip.cz; hxxps://www.easeus.com; hxxps://www.esky.cz; hxxps://zpravy.aktualne.cz
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://centrum.cz/","hxxps://www.duolingo.com/","hxxps://app.mondly. ... x.php/live"
CHR Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09]
CHR Extension: (Dashlane - Password Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-11-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-10-31]
CHR Extension: (Duolingo Tweaks) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcankdajnfcbepbhjhfechmandhfplen [2015-12-06]
CHR Extension: (Duolingo Vocabulary Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmcjokbicehcaojghjmhfjnaooffcd [2015-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-10]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [217088 2012-11-16] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2511456 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
R2 EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
R2 FoxitReaderUpdateService; C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [729632 2020-10-30] (McAfee, LLC -> McAfee, LLC)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [676336 2020-08-30] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [204272 2020-08-30] (MiniTool Software Limited -> )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia -> Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SyspectrAgent; C:\Program Files\OO Software\Syspectr\OOSysAgent.exe [310328 2020-09-18] (O&O Software GmbH -> O&O Software GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [263056 2011-08-01] (Western Digital Technologies, Inc. -> WDC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [290304 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [78848 2016-07-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AVerA706; C:\Windows\System32\DRIVERS\AVerA706.sys [1223040 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1203200 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd -> DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [23688 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [17672 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [66184 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\Windows\system32\drivers\EUEDKEPM.sys [21640 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [13832 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [52376 2020-01-28] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\Windows\system32\drivers\HWiNFO32_150.SYS [53152 2020-05-24] (Martin Malik - REALiX -> REALiX(tm))
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [73984 2020-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [169472 2016-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [18944 2010-03-22] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia -> Secunia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2011-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-09 20:37 - 2020-11-09 20:38 - 008447152 _____ (Malwarebytes) C:\Users\ASRock\Downloads\adwcleaner_8.0.8.exe
2020-11-09 20:37 - 2020-11-09 20:37 - 008447152 _____ (Malwarebytes) C:\Users\ASRock\Downloads\adwcleaner_8.0.8 (1).exe
2020-11-09 20:29 - 2020-11-09 20:30 - 030460656 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup574.exe
2020-11-08 21:56 - 2020-11-08 22:02 - 000066453 _____ C:\Users\ASRock\Downloads\Addition.txt
2020-11-08 21:43 - 2020-11-10 00:09 - 000035940 _____ C:\Users\ASRock\Downloads\FRST.txt
2020-11-08 21:30 - 2020-11-08 21:32 - 002012672 _____ (Farbar) C:\Users\ASRock\Downloads\FRST.exe
2020-11-08 21:13 - 2020-11-08 21:13 - 000053473 _____ C:\Users\ASRock\Downloads\Vypis_z_uctu-2401825416_20201001-20201031_cislo-5.pdf
2020-11-08 19:34 - 2020-11-09 20:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-08 16:20 - 2020-11-08 16:20 - 001107968 _____ C:\Users\ASRock\Downloads\RSIT.exe
2020-11-08 16:07 - 2020-11-08 16:11 - 000060069 _____ C:\Users\ASRock\Desktop\Addition.txt
2020-11-08 16:01 - 2020-11-08 16:11 - 000038024 _____ C:\Users\ASRock\Desktop\FRST.txt
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (6).pdf
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (5).pdf
2020-11-07 22:13 - 2020-11-07 22:13 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Foxit
2020-11-02 21:06 - 2020-11-02 21:06 - 000000000 ____D C:\Users\ASRock\Downloads\Simca
2020-11-02 20:56 - 2020-11-02 20:59 - 406931777 _____ C:\Users\ASRock\Downloads\Simca.zip
2020-10-27 22:55 - 2020-11-09 20:53 - 000257746 _____ C:\Windows\ntbtlog.txt
2020-10-26 20:33 - 2020-10-26 20:34 - 000007664 _____ C:\Users\ASRock\Documents\cc_20201026_203352.reg
2020-10-26 20:23 - 2020-10-26 20:24 - 029853224 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup573.exe
2020-10-21 23:09 - 2020-10-21 23:09 - 000570586 _____ (Authorsoft Corporation ) C:\Users\ASRock\Downloads\USBFormatToolSetup (1).exe
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\Users\Public\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\ProgramData\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 14.5
2020-10-20 23:41 - 2020-07-07 14:14 - 000149128 _____ C:\Windows\system32\setupempdrv03.exe
2020-10-20 23:41 - 2020-07-07 14:14 - 000023688 _____ C:\Windows\system32\epmntdrv.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000013832 _____ C:\Windows\system32\EuGdiDrv.sys
2020-10-20 23:41 - 2020-07-07 14:12 - 003734664 _____ C:\Windows\system32\BootMan.exe
2020-10-20 23:41 - 2020-07-07 14:12 - 000024712 _____ C:\Windows\system32\EuEpmGdi.dll
2020-10-20 23:41 - 2020-07-07 14:11 - 000066184 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-10-20 23:41 - 2020-07-07 14:11 - 000021640 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-10-20 23:41 - 2020-02-23 13:49 - 000000057 _____ C:\Windows\system32\setupepmdrv.ini
2020-10-20 23:40 - 2020-10-20 23:40 - 047169616 _____ (EaseUS ) C:\Users\ASRock\Downloads\epm_free_easeus.exe
2020-10-20 23:40 - 2020-10-20 23:40 - 000000000 ____D C:\Program Files\EaseUS
2020-10-20 23:39 - 2020-10-20 23:39 - 001710608 _____ C:\Users\ASRock\Downloads\epm_free_installer.exe
2020-10-20 23:06 - 2020-10-20 23:06 - 000226437 _____ C:\Users\ASRock\Downloads\Stepankovi_2.pdf.zip
2020-10-20 00:30 - 2020-10-20 00:30 - 000080038 _____ C:\Users\ASRock\Downloads\kupon.pdf
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\ProgramData\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-10-18 09:04 - 2020-10-18 09:03 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-18 09:03 - 2020-10-18 09:03 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-18 09:03 - 2020-10-18 09:03 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-17 22:19 - 2020-10-17 22:19 - 000000000 ____D C:\Users\ASRock\Downloads\Honza_Kozel.pdf
2020-10-17 22:16 - 2020-10-17 22:17 - 000206693 _____ C:\Users\ASRock\Downloads\Honza_Kozel.pdf.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-10 00:08 - 2017-11-23 10:39 - 000000000 ____D C:\FRST
2020-11-10 00:04 - 2016-09-09 22:25 - 000000000 ____D C:\Users\ASRock\AppData\Local\AVAST Software
2020-11-09 21:32 - 2011-03-07 17:49 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-09 21:05 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-09 21:05 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-09 20:56 - 2020-10-01 23:34 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\QtProject
2020-11-09 20:51 - 2011-03-21 00:23 - 000000000 ____D C:\Program Files\CCleaner
2020-11-09 20:49 - 2016-05-31 15:13 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-11-09 20:48 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-09 20:46 - 2018-05-06 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2020-11-09 20:46 - 2018-05-06 00:18 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Samsung
2020-11-09 20:46 - 2018-05-06 00:17 - 000000000 ____D C:\Program Files\Samsung
2020-11-09 20:45 - 2016-07-24 23:30 - 000000000 ____D C:\Program Files\Common Files\IObit
2020-11-09 20:45 - 2016-07-24 22:57 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\IObit
2020-11-09 20:45 - 2016-07-24 22:57 - 000000000 ____D C:\ProgramData\IObit
2020-11-09 20:45 - 2011-03-23 01:27 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\IObit
2020-11-09 20:31 - 2017-11-09 00:06 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-09 20:31 - 2011-03-21 00:23 - 000000934 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-09 20:31 - 2011-03-21 00:23 - 000000934 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-09 20:24 - 2017-03-13 21:54 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-09 20:20 - 2015-05-16 22:51 - 000000924 _____ C:\Windows\Tasks\Google Software Updater.job
2020-11-09 20:20 - 2014-05-16 09:17 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-11-09 00:56 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\tracing
2020-11-09 00:51 - 2017-04-03 08:47 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Mozilla
2020-11-09 00:22 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
2020-11-09 00:22 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
2020-11-09 00:22 - 2020-10-01 23:33 - 000002998 _____ C:\Windows\system32\Tasks\MiniTool Shadow Maker
2020-11-09 00:22 - 2020-10-01 23:32 - 000003184 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2020-11-09 00:22 - 2020-09-18 19:34 - 000003176 _____ C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
2020-11-09 00:22 - 2020-07-06 21:32 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-09 00:22 - 2019-07-18 11:39 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-11-09 00:22 - 2019-07-18 11:38 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-11-09 00:22 - 2019-07-18 11:37 - 000003426 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-11-09 00:22 - 2019-07-18 11:37 - 000003298 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-11-09 00:22 - 2018-08-20 11:40 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-09 00:22 - 2017-11-22 18:06 - 000003836 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1496678798
2020-11-09 00:22 - 2015-12-03 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-11-09 00:22 - 2011-08-18 02:09 - 000003586 _____ C:\Windows\system32\Tasks\Google Software Updater
2020-11-09 00:22 - 2011-08-18 02:09 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-09 00:22 - 2011-08-18 02:09 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-08 20:12 - 2013-08-16 20:00 - 000000000 ____D C:\Users\ASRock\Desktop\Pro Honzíka
2020-11-08 16:20 - 2013-04-24 19:25 - 000000000 ____D C:\Program Files\trend micro
2020-11-06 19:04 - 2020-05-29 14:30 - 000001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:37 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-04 23:42 - 2014-02-22 21:06 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-03 21:57 - 2017-06-05 17:06 - 000000000 ____D C:\Program Files\Opera
2020-10-31 00:34 - 2011-03-07 17:09 - 001704428 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 00:34 - 2009-07-14 09:44 - 000713412 _____ C:\Windows\system32\perfh005.dat
2020-10-31 00:34 - 2009-07-14 09:44 - 000158440 _____ C:\Windows\system32\perfc005.dat
2020-10-31 00:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-26 20:34 - 2014-10-19 21:29 - 000796160 ___SH C:\Users\ASRock\Desktop\Thumbs.db
2020-10-21 23:20 - 2018-06-23 18:38 - 000001099 _____ C:\Users\ASRock\Desktop\USB Disk Storage Format Tool.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000000063 _____ C:\Users\ASRock\Desktop\Create Bootable USB.url
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.3
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\Program Files\USB Disk Storage Format Tool
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\Users\Public\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\ProgramData\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-19 21:47 - 2012-05-06 17:59 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Skype
2020-10-19 21:46 - 2016-08-25 21:41 - 000000000 ____D C:\ProgramData\Foxit Software
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\ProgramData\Documents\pre_fileassoc.tmp
2020-10-18 09:19 - 2020-04-15 18:34 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-18 09:06 - 2011-03-26 10:56 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-18 09:03 - 2019-01-08 23:14 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-18 09:03 - 2019-01-08 23:14 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-18 09:03 - 2018-11-15 20:43 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-18 09:03 - 2012-03-14 14:35 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-18 09:03 - 2011-03-07 17:50 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-18 09:02 - 2019-01-14 20:32 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-18 09:02 - 2019-01-08 23:14 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-10-18 09:02 - 2018-01-10 20:27 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-18 09:02 - 2011-03-07 17:50 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-15 23:41 - 2014-05-29 10:05 - 000000000 ____D C:\Users\ASRock\Desktop\SonEric_28_5_2014
2020-10-14 22:38 - 2013-02-14 17:37 - 000000000 ____D C:\Users\ASRock\Desktop\RECEPTY
==================== Files in the root of some directories ========
2013-09-19 16:58 - 2013-09-19 16:58 - 000000000 _____ () C:\Users\ASRock\AppData\Roaming\pdfperformer
2015-01-05 14:23 - 2015-01-05 14:25 - 000011264 ___SH () C:\Users\ASRock\AppData\Roaming\Thumbs.db
2011-06-23 17:32 - 2016-06-06 22:30 - 000006144 _____ () C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-23 19:04 - 2018-06-23 19:04 - 000000001 _____ () C:\Users\ASRock\AppData\Local\llftool.4.40.agreement
2016-01-16 15:19 - 2016-01-16 15:19 - 000003977 _____ () C:\Users\ASRock\AppData\Local\recently-used.xbel
2011-09-05 13:04 - 2012-04-11 23:24 - 000007605 _____ () C:\Users\ASRock\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-05 21:39
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2020
Ran by ASRock (10-11-2020 00:14:13)
Running from C:\Users\ASRock\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-03-07 15:57:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2661226761-2934294044-4021329715-500 - Administrator - Disabled)
ASRock (S-1-5-21-2661226761-2934294044-4021329715-1000 - Administrator - Enabled) => C:\Users\ASRock
Guest (S-1-5-21-2661226761-2934294044-4021329715-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2661226761-2934294044-4021329715-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (HKLM\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
AbiWord 2.8.6 (HKLM\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM\...\{0CAE2FF0-AFC9-733D-EC3C-04BCB6B3C06F}) (Version: 2.0.4251.33734 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CalcRC 2.5 verze 2.5 (HKLM\...\{A50CCD4D-7B79-47D9-B6B8-415E4D9A1E9C}}_is1) (Version: 2.5 - Tomecek)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 86.1.6738.114 - Autoři prohlížeče CCleaner Browser)
CSE HTML Validator Standard v12.03 (HKLM\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Driver Install 32bit (HKLM\...\{98ECAF17-9201-4E2D-B689-4F277C12FB17}) (Version: 1.32.1748.0 - Shenzhen Geniatech Inc.,Ltd)
EaseUS Partition Master 14.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EyeTV Netstream for Windows Media Center (HKLM\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
FastStone Image Viewer 4.2 (HKLM\...\FastStone Image Viewer) (Version: 4.2 - FastStone Soft)
File Identifier (HKLM\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.10 - Sharpened Productions)
File Viewer Plus (HKLM\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.0.0 - Sharpened Productions)
Firehand Ember (HKLM\...\Firehand Ember) (Version: - )
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - )
GeoShow3D Lite (HKLM\...\GeoShow3D Lite) (Version: - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Goniometrické funkce (HKLM\...\Goniometrické funkce) (Version: - )
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 86.0.4240.183 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
Hard Disk Low Level Format Tool 4.40 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.50 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
Hetman Partition Recovery 2.2 (HKLM\...\Hetman Partition Recovery) (Version: - )
HWiNFO32 Version 6.26 (HKLM\...\HWiNFO32_is1) (Version: 6.26 - Martin Malik - REALiX)
Icecream Screen Recorder version 1.37 (HKLM\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 1.37 - Icecream Apps)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 251 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\jdownloader09) (Version: 0.9 - AppWork GmbH)
KiCad 2013.03.04 (HKLM\...\KiCad) (Version: 2013.03.04 - )
Ladicka (HKLM\...\Ladicka) (Version: - )
Media Go (HKLM\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.109.05220 (HKLM\...\{B48AA269-C017-875E-AE23-CE1DCEE07626}) (Version: 2.20.109.05220 - Sony)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MiniTool Partition Wizard verze 1.5 (HKLM\...\MiniTool Partition Wizard_is1) (Version: 1.5 - )
MiniTool ShadowMaker PW Edition (HKLM\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.5 - MiniTool Software Limited)
Minus Desktop Tool 1.7 (HKLM\...\Minus_is1) (Version: 1.7 - Minus Inc.)
Mozilla Firefox 82.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 82.0.2 (x86 en-US)) (Version: 82.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2.7605 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
Nero 7 Essentials (HKLM\...\{9B4E6CB9-E54D-47F7-A414-E2D5740E1029}) (Version: 7.02.8507 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
O&O Syspectr (HKLM\...\{CE8921E4-D3AC-43A6-BD3D-356546A076D7}) (Version: 0.200.46 - O&O Software GmbH)
OpenOffice 4.1.7 (HKLM\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
OpenWith.org 1.0.3 (HKLM\...\{B52F8C4B-FE88-4B59-9B80-1C93669D7DEB}_is1) (Version: - OpenWith.org)
Opera Stable 37.0.2178.32 (HKU\.DEFAULT\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software)
Opera Stable 72.0.3815.186 (HKLM\...\Opera 72.0.3815.186) (Version: 72.0.3815.186 - Opera Software)
Paragon Partition Manager™ 2013 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCLab (HKLM\...\PCLab) (Version: - )
PDF Editor 5 (HKLM\...\PDF Editor 5) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
ProfiCAD (HKLM\...\ProfiCAD_is1) (Version: - )
Psaní všemi deseti 1.5 (HKLM\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
RadarSync PC Updater 2012 (HKLM\...\RadarSync PC Updater 2012_is1) (Version: 4.1.0.14931 - RadarSync Ltd)
rajče průvodce verze 1.59.45.260 (HKLM\...\rajče.net_is1) (Version: - rajče.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MP550 series (HKLM\...\Registrace uživatele zařízení Canon MP550 series) (Version: - )
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scope (HKLM\...\{59E13EA0-9604-47DF-BEB7-3651E6E09221}) (Version: 1.22.0 - Zeitnitz)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SequoiaView (HKLM\...\SequoiaView) (Version: - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype verze 8.65 (HKLM\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Control v2.15 (HKLM\...\Sound Control_is1) (Version: - Really Effective)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TotalDocConverter (HKLM\...\Total Doc Converter_is1) (Version: - Softplicity, Inc.)
TotalTV Player (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Unity Web Player (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Universal Viewer (HKLM\...\Universal Viewer) (Version: - UVViewSoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
USB Flash Drive Format Tool 1.0 (HKLM\...\USB Flash Drive Format Tool_is1) (Version: - Rogosoft Corporation)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VideoMate T, M, P, S Series Driver (HKLM\...\{41E340F0-0BD6-4A87-AF29-E9E584471756}) (Version: 1.39.100 - )
Visual Analyser 2011 (HKLM\...\{BE2F9F39-9512-4DFD-A412-0355A2FE66D3}) (Version: 14.0.0.19 - Alfredo Accattatis)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
WebAdvisor od společnosti McAfee (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.163 - McAfee, LLC)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.2.2) (HKLM\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.2.2.2615 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 7.5.3) (HKLM\...\{77078E40-A92E-47FD-A0F6-168A4BF6CF3A}_is1) (Version: 7.5.3.4801 - Wondershare Software Co.,Ltd.)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
Xml Viewer (HKLM\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Context 4 Lite (HKLM\...\{B55C39AA-34DB-11D5-A3A9-004F4E01877A}) (Version: 4.0.0.0 - Zoner software, s.r.o.)
Zoom (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7B0EFEE5-076F-A2E3-8F15-9DDAC7CC61C3}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [OpenWith.org] -> {1569D0D3-1127-48A2-A4BC-958553F472C5} => C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll [2009-03-13] (OpenWith.org) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x86.dll [2020-04-16] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Program Files\TotalDocConverter\axTotalConverter.dll [2006-11-30] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers2: [Hetman Partition Recovery] -> {66953641-5DA9-4A81-82E8-2727300BBD29} => C:\Program Files\Hetman Software\Hetman Partition Recovery 2.2\Resources\DiskMenu.dll [2014-11-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2013-04-15 09:06 - 2013-04-15 09:06 - 000032768 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 09:06 - 2013-04-15 09:06 - 000014848 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000085504 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\coresync.dll
2020-10-01 23:32 - 2019-08-15 04:52 - 000064000 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\SMTPEmail.dll
2011-10-14 10:21 - 2006-11-30 15:03 - 000434688 _____ () [File not signed] C:\Program Files\TotalDocConverter\axTotalConverter.dll
2010-11-02 07:33 - 2010-11-02 07:33 - 000886272 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
2011-08-01 06:34 - 2011-08-01 06:34 - 000064000 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
2011-06-02 11:23 - 2010-04-24 04:00 - 000272384 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM9Z.DLL
2011-03-19 15:28 - 2010-04-24 05:00 - 000027648 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\CNMPD9Z.DLL
2018-04-21 22:37 - 2015-12-04 20:43 - 000021504 _____ (eMPIA Technology, Inc.) [File not signed] C:\Program Files\Common Files\TotalTV Player\Remote\BDADLL.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000150016 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000055808 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll
2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2003-03-19 07:14 - 2003-03-19 07:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
2003-02-21 15:42 - 2003-02-21 15:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
2003-03-19 07:20 - 2003-03-19 07:20 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2011-12-14 21:38 - 2011-12-14 21:38 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\MSVCP140.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\ucrtbase.DLL
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\VCRUNTIME140.dll
2020-10-01 23:32 - 2013-09-20 10:21 - 000067072 _____ (NT KERNEL RESOURCES LAB.) [File not signed] C:\Program Files\MiniTool ShadowMaker\vdskapi.dll
2012-01-03 14:07 - 2009-03-13 16:36 - 000026112 _____ (OpenWith.org) [File not signed] C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll
2020-09-23 21:48 - 2020-09-23 21:48 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\OO Software\Syspectr\SQLite.Interop.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000037888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\bearer\qgenericbearer.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000039424 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\bearer\qnativewifibearer.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qgif.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000030720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qicns.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qico.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000243200 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qjpeg.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000018944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qsvg.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qtga.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000313344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qtiff.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qwbmp.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000324608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qwebp.dll
2020-10-01 23:32 - 2017-09-14 13:46 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\platforms\qwindows.dll
2020-10-01 23:32 - 2016-09-25 16:39 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\Qt5Svg.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000689664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 001228288 _____ (TODO: <Company name>) [File not signed] C:\Program Files\MiniTool ShadowMaker\core7z.dll
2020-09-23 21:49 - 2020-07-22 14:11 - 002122240 _____ (TODO: <Company name>) [File not signed] C:\Program Files\OO Software\Syspectr\Modules\8648d6ec-91ba-46f4-a6f4-2c2c58d88daf\CDI-Lib-Win32.dat
2011-08-01 09:07 - 2011-08-01 09:07 - 000329728 _____ (Western Digital) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-10-30] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\Geniatech\TotalTV Player\THCDeskBand.dll [2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Skype Technologies SA -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2019-01-04 20:22 - 000000068 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ASRock\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 46.16.122.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avast Cleanup Premium.lnk => C:\Windows\pss\Avast Cleanup Premium.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sound Control.lnk => C:\Windows\pss\Sound Control.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 4\ashsnap.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ASRock\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NeroFilterCheck =>
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TuneupUI.exe => "C:\Program Files\Avast Software\Cleanup\TuneupUI.exe" /nogui
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{60DF021B-9A80-4628-95ED-BEC6B27D1B21}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BCE470F4-3112-40D4-83FA-0E36EB48420A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{93B6E010-6A25-4F30-B398-F3EC5D0DD673}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9234EA94-C968-4574-894C-72BC12C5ABE8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{99646DB9-6489-4ABA-B94A-1C657FE74FB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{5BAD410E-8E16-4807-9CDF-71A605324C75}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{F32BC3ED-2C74-48C7-B434-D1B7F6509D33}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [{A3FF6EF4-0EAB-4432-BF6D-0282FA359740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9B74D3DA-9B84-4737-B366-CC3D635F9D3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{879CE865-2FB7-4C34-8D7F-C9EC724B0593}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3755EEF4-511C-45D1-8E5A-4245911B7ADE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{506112E1-7F75-4452-83C6-86278564C835}] => (Block) LPort=445
FirewallRules: [{0587DDA9-5A9D-463C-84F3-29C86CC1D3F0}] => (Block) LPort=445
FirewallRules: [{06AFF714-1CFC-4BBF-BD8B-C5C4CFFF65D2}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{B903561F-DB08-4476-93F1-54C519459239}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{768A0F84-6DD9-4352-A896-60C93847167C}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{BA23D28E-3CE9-474A-800F-A2A9678A8DCF}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{D9C1F29F-267D-4834-85A2-6DAED1D7F7A1}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{A4577353-D512-4883-B2A8-D0174A77912E}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{43506699-BFA8-46C7-969F-36967A2F916A}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [UDP Query User{8F6C3A22-040D-4240-A790-EA72FBB48700}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [{4A78B1A6-BA93-4862-9956-E5F4A61798DC}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1069FC0-E1C0-4EC8-9655-982223D106DE}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1687F9A-B6F3-4991-83BF-9D2332945C9D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{53E3A275-E5E2-4309-9739-729C7E408F7A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A5B4CB04-8996-4A0C-9B1A-92AAC1593820}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{9994FB61-FF84-4D3B-B89A-7E2EC83D5742}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B6F77E66-C7F8-4308-9E92-DDFDFD778963}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B208465D-56D4-4E2B-BB71-D03F66B4F63A}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{ADBF8810-7BB8-46ED-AE42-4D4EC50F3DFE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{AD36DD4E-5A34-4B7D-B659-EB24EE8D6334}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{43B12C5E-F5B1-4DDF-B4CC-DF45126E5CF3}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{73867CCB-A603-4360-8D68-1B4B9DB5DCDE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{F3341A93-B7EE-4CC0-BE50-90DCA7C5D6F1}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F05F7456-12A5-4B2C-BA74-7BDEA71D26BA}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFBDBE72-1568-477C-AE67-D5485B12B9B3}] => (Allow) C:\Program Files\Opera\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BF58789D-876E-4408-8828-BA55037582A6}] => (Allow) C:\Program Files\Opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E591E108-FE5D-466D-93FA-405D136B5645}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C2201953-1DB5-4E39-BC32-3E565CC4A69E}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{CFAC25EB-71A7-4D48-AA51-C56D58E80E71}] => (Allow) C:\Windows\ehome\ehrecvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{463572D9-FC48-4B06-AFCE-617DEDBBE803}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{1A3339F9-0B87-41E1-95CA-0269DC54AB61}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
==================== Restore Points =========================
31-10-2020 22:59:31 Naplánovaný kontrolní bod
09-11-2020 20:45:21 AdwCleaner_BeforeCleaning_09/11/2020_20:45:17
==================== Faulty Device Manager Devices ============
Name: HWiNFO Kernel Driver
Description: HWiNFO Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HWiNFO
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/09/2020 11:23:15 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 10:23:13 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 09:23:20 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 08:45:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4f62cab8-da6b-4a3a-abc1-80e6170244df}
Error: (11/09/2020 08:39:09 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 08:26:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 12:53:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 86.0.4240.183 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1708
Čas spuštění: 01d6b5ebf18a0445
Čas ukončení: 761
Cesta k aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
ID hlášení: 71176fee-221d-11eb-a521-e97e627cf197
Error: (11/09/2020 12:23:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (11/09/2020 08:50:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MTAgentService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MTSchedulerService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/09/2020 08:45:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ForceWare Intelligent Application Manager (IAM) byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/09/2020 08:45:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/09/2020 08:45:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Secunia PSI Agent byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2015-01-16 15:32:01.178
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll;folder:C:\Program Files\Settings Manager\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-16 15:21:07.502
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-13 20:57:23.600
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 18:05:50.229
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:4204,ProcessStart:130652960117988281;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 17:55:24.089
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2016-08-06 21:37:52.669
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.225.2931.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.12902.0
Kód chyby:0x800704c8
Popis chyby:Požadovanou operaci nelze provést se souborem, jehož uživateli mapovaný oddíl je otevřen.
Date: 2014-05-16 01:01:57.593
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2014-05-16 01:01:57.588
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
CodeIntegrity:
===================================
Date: 2016-12-19 14:25:43.530
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 14:25:42.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:53.214
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:52.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:44:26.237
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:21.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:15.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:42:52.987
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.80 05/21/2010
Motherboard: ASRock K10N78D
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 87%
Total physical RAM: 3327.18 MB
Available physical RAM: 418.95 MB
Total Virtual: 6654.36 MB
Available Virtual: 2578.71 MB
==================== Drives ================================
Drive c: (Win 7) (Fixed) (Total:298.09 GB) (Free:168.16 GB) NTFS
Drive d: () (Fixed) (Total:17.58 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:46.94 GB) (Free:5.98 GB) NTFS
Drive f: () (Fixed) (Total:3.65 GB) (Free:3.26 GB) NTFS
Drive g: (LINUX) (Fixed) (Total:6.34 GB) (Free:1.94 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: D215FAD2)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 004F4E7D)
Partition 1: (Active) - (Size=17.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=56.9 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2020
Ran by ASRock (administrator) on ASROCK-PC (10-11-2020 00:06:26)
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(GENIATECH INC.,LTD) [File not signed] C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\ASRock\Downloads\adwcleaner_8.0.8.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Syspectr\OOSysAgent.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Rosetta Stone Ltd -> Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Secunia -> Secunia) C:\Program Files\Secunia\PSI\psia.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [26782904 2020-11-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TotalTV Player\Remote\TTTvRc.exe [1836544 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\...\Windows NT x86\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9Z.DLL [27648 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [272384 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\WSPDFelementMonitor.dll [96968 2017-04-11] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\86.1.6738.114\Installer\chrmstp.exe [2020-11-05] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2020-10-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia -> Secunia)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {072430D6-05BC-4A7F-8B9A-FECBE95662F7} - System32\Tasks\AdobeAAMUpdater-1.0-ASRock-PC-ASRock => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {326A97A1-51E1-4F74-876C-F15C628233F2} - System32\Tasks\Opera scheduled assistant Autoupdate 1582743760 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {3549F552-257B-48A8-832E-D9CB69C7399F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {371AE9B0-6E59-4547-928F-46D9A6B19BCC} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {3E78145F-6DD9-423E-B7BD-865B8159E683} - System32\Tasks\{91AF20EF-5AF8-4584-8A07-C7C852D86E4F} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\HijackThis.exe -d C:\Users\ASRock\Downloads
Task: {4EBE5834-C010-4144-9882-E371F8043EC1} - System32\Tasks\Driver Booster SkipUAC (ASRock) => C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5EDC88C4-5E63-4220-92E7-54561F4AC3E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3918440 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
Task: {5F21BFAB-CF74-435E-B7F4-E91BE44E6F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1499240 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {606638E0-228E-4194-AD0A-E65FD8EE66BD} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {6570D0A1-C3E1-4261-8F08-C3C61492279D} - System32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {7679513E-97E8-45E2-97BE-A203121D32C3} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
Task: {799A0D78-2F92-4FCA-86DE-3C0BCF313D80} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {7CA2B169-6A25-4CE3-83D3-2922AE05566B} - System32\Tasks\Google Updater and Installer => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {9818DF56-8865-43F9-91B3-A23976B9A90F} - System32\Tasks\pcupdater_UPDATES => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {999253F8-7BA1-49B9-96B7-5C75E0B49034} - System32\Tasks\Uninstaller_SkipUac_ASRock => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9EFE0CCA-43C6-4905-95C8-20391AB46793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {A5391D08-DB7B-4F92-B137-F6410C1FE499} - System32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe [10320896 2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Task: {A6E342A7-34E3-420E-9F83-C72B068F907F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000UA => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {AD466674-F486-4C06-8B9A-705C3E6DE535} - System32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\OnLineRecovery_JF620_v9.0.0.28.exe -d C:\Users\ASRock\Downloads
Task: {B02C6B18-6B19-47F5-BB6F-88AF561302D2} - System32\Tasks\MiniTool Shadow Maker => C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe [1027056 2020-08-30] (MiniTool Software Limited -> )
Task: {CCCDC791-06DA-4B93-B256-AB7993955449} - System32\Tasks\Opera scheduled Autoupdate 1496678798 => C:\Program Files\Opera\launcher.exe [1529368 2020-10-29] (Opera Software AS -> Opera Software)
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DB3B9057-5496-4400-923D-0BB66E01678D} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E4604FC4-C7E4-405D-AFE0-F0EB1E4B4B42} - System32\Tasks\pcupdaterRunAtStartup => C:\Program Files\RadarSync\pcupdater.exe [9736256 2013-01-24] (RadarSync -> RadarSync)
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: {F2B5AF81-2F58-41CE-9560-A71A32D5B48D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FF8FC8BA-12CD-4E89-8D3B-8EFAB2B00272} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26782904 2020-11-04] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{E33BE343-EF5F-45B5-8D94-A4D01331B8FF}: [DhcpNameServer] 46.16.122.2
FireFox:
========
FF DefaultProfile: j9cebcfi.default
FF ProfilePath: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default [2020-11-09]
FF user.js: detected! => C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\user.js [2016-07-24]
FF Homepage: Mozilla\Firefox\Profiles\j9cebcfi.default -> hxxps://www.seznam.cz/?clid=22668
FF Extension: (Dashlane) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jetpack-extension@dashlane.com.xpi [2020-11-08] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-05-23] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-11-15]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-11-08]
FF Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2020-11-09] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (Video DownloadHelper) - C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-05-23]
FF SearchPlugin: C:\Users\ASRock\AppData\Roaming\Mozilla\Firefox\Profiles\j9cebcfi.default\searchplugins\seznam-avast.xml [2015-03-16]
FF HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-04] (Google Inc -> Google)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-03] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=1.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\ASRock\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2661226761-2934294044-4021329715-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-gemius.js [2016-07-16]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default [2020-11-10]
CHR Notifications: Default -> hxxps://app.mondly.com; hxxps://cs.duolingo.com; hxxps://jak-vydelat-penize.pushresponse.net; hxxps://james.darpinian.com; hxxps://novaplus.nova.cz; hxxps://www.chip.cz; hxxps://www.easeus.com; hxxps://www.esky.cz; hxxps://zpravy.aktualne.cz
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://centrum.cz/","hxxps://www.duolingo.com/","hxxps://app.mondly. ... x.php/live"
CHR Extension: (Avast Passwords) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09]
CHR Extension: (Dashlane - Password Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-11-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-10-31]
CHR Extension: (Duolingo Tweaks) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcankdajnfcbepbhjhfechmandhfplen [2015-12-06]
CHR Extension: (Duolingo Vocabulary Manager) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmcjokbicehcaojghjmhfjnaooffcd [2015-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\ASRock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-10]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [217088 2012-11-16] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2511456 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-03] (Piriform Software Ltd -> Piriform Software)
R2 EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
R2 FoxitReaderUpdateService; C:\Program Files\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [729632 2020-10-30] (McAfee, LLC -> McAfee, LLC)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [676336 2020-08-30] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [204272 2020-08-30] (MiniTool Software Limited -> )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia -> Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SyspectrAgent; C:\Program Files\OO Software\Syspectr\OOSysAgent.exe [310328 2020-09-18] (O&O Software GmbH -> O&O Software GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [263056 2011-08-01] (Western Digital Technologies, Inc. -> WDC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [290304 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-18] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [78848 2016-07-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AVerA706; C:\Windows\System32\DRIVERS\AVerA706.sys [1223040 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1203200 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd -> DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [23688 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [17672 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [66184 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\Windows\system32\drivers\EUEDKEPM.sys [21640 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [13832 2020-07-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [52376 2020-01-28] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\Windows\system32\drivers\HWiNFO32_150.SYS [53152 2020-05-24] (Martin Malik - REALiX -> REALiX(tm))
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2011-03-19] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [73984 2020-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [169472 2016-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [18944 2010-03-22] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia -> Secunia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-12-19] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2011-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-09 20:37 - 2020-11-09 20:38 - 008447152 _____ (Malwarebytes) C:\Users\ASRock\Downloads\adwcleaner_8.0.8.exe
2020-11-09 20:37 - 2020-11-09 20:37 - 008447152 _____ (Malwarebytes) C:\Users\ASRock\Downloads\adwcleaner_8.0.8 (1).exe
2020-11-09 20:29 - 2020-11-09 20:30 - 030460656 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup574.exe
2020-11-08 21:56 - 2020-11-08 22:02 - 000066453 _____ C:\Users\ASRock\Downloads\Addition.txt
2020-11-08 21:43 - 2020-11-10 00:09 - 000035940 _____ C:\Users\ASRock\Downloads\FRST.txt
2020-11-08 21:30 - 2020-11-08 21:32 - 002012672 _____ (Farbar) C:\Users\ASRock\Downloads\FRST.exe
2020-11-08 21:13 - 2020-11-08 21:13 - 000053473 _____ C:\Users\ASRock\Downloads\Vypis_z_uctu-2401825416_20201001-20201031_cislo-5.pdf
2020-11-08 19:34 - 2020-11-09 20:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-08 16:20 - 2020-11-08 16:20 - 001107968 _____ C:\Users\ASRock\Downloads\RSIT.exe
2020-11-08 16:07 - 2020-11-08 16:11 - 000060069 _____ C:\Users\ASRock\Desktop\Addition.txt
2020-11-08 16:01 - 2020-11-08 16:11 - 000038024 _____ C:\Users\ASRock\Desktop\FRST.txt
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (6).pdf
2020-11-07 22:33 - 2020-11-07 22:33 - 000711408 _____ C:\Users\ASRock\Downloads\cz_manual_evolveo_sigma_t2 (5).pdf
2020-11-07 22:13 - 2020-11-07 22:13 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Foxit
2020-11-02 21:06 - 2020-11-02 21:06 - 000000000 ____D C:\Users\ASRock\Downloads\Simca
2020-11-02 20:56 - 2020-11-02 20:59 - 406931777 _____ C:\Users\ASRock\Downloads\Simca.zip
2020-10-27 22:55 - 2020-11-09 20:53 - 000257746 _____ C:\Windows\ntbtlog.txt
2020-10-26 20:33 - 2020-10-26 20:34 - 000007664 _____ C:\Users\ASRock\Documents\cc_20201026_203352.reg
2020-10-26 20:23 - 2020-10-26 20:24 - 029853224 _____ (Piriform Software Ltd) C:\Users\ASRock\Downloads\ccsetup573.exe
2020-10-21 23:09 - 2020-10-21 23:09 - 000570586 _____ (Authorsoft Corporation ) C:\Users\ASRock\Downloads\USBFormatToolSetup (1).exe
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\Users\Public\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000001220 _____ C:\ProgramData\Desktop\EaseUS Partition Master 14.5.lnk
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-20 23:41 - 2020-10-20 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 14.5
2020-10-20 23:41 - 2020-07-07 14:14 - 000149128 _____ C:\Windows\system32\setupempdrv03.exe
2020-10-20 23:41 - 2020-07-07 14:14 - 000023688 _____ C:\Windows\system32\epmntdrv.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000017672 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl.sys
2020-10-20 23:41 - 2020-07-07 14:14 - 000013832 _____ C:\Windows\system32\EuGdiDrv.sys
2020-10-20 23:41 - 2020-07-07 14:12 - 003734664 _____ C:\Windows\system32\BootMan.exe
2020-10-20 23:41 - 2020-07-07 14:12 - 000024712 _____ C:\Windows\system32\EuEpmGdi.dll
2020-10-20 23:41 - 2020-07-07 14:11 - 000066184 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-10-20 23:41 - 2020-07-07 14:11 - 000021640 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-10-20 23:41 - 2020-02-23 13:49 - 000000057 _____ C:\Windows\system32\setupepmdrv.ini
2020-10-20 23:40 - 2020-10-20 23:40 - 047169616 _____ (EaseUS ) C:\Users\ASRock\Downloads\epm_free_easeus.exe
2020-10-20 23:40 - 2020-10-20 23:40 - 000000000 ____D C:\Program Files\EaseUS
2020-10-20 23:39 - 2020-10-20 23:39 - 001710608 _____ C:\Users\ASRock\Downloads\epm_free_installer.exe
2020-10-20 23:06 - 2020-10-20 23:06 - 000226437 _____ C:\Users\ASRock\Downloads\Stepankovi_2.pdf.zip
2020-10-20 00:30 - 2020-10-20 00:30 - 000080038 _____ C:\Users\ASRock\Downloads\kupon.pdf
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000002060 _____ C:\ProgramData\Desktop\Foxit Reader.lnk
2020-10-19 21:46 - 2020-10-19 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-10-18 09:04 - 2020-10-18 09:03 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-18 09:03 - 2020-10-18 09:03 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-18 09:03 - 2020-10-18 09:03 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-17 22:19 - 2020-10-17 22:19 - 000000000 ____D C:\Users\ASRock\Downloads\Honza_Kozel.pdf
2020-10-17 22:16 - 2020-10-17 22:17 - 000206693 _____ C:\Users\ASRock\Downloads\Honza_Kozel.pdf.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-10 00:08 - 2017-11-23 10:39 - 000000000 ____D C:\FRST
2020-11-10 00:04 - 2016-09-09 22:25 - 000000000 ____D C:\Users\ASRock\AppData\Local\AVAST Software
2020-11-09 21:32 - 2011-03-07 17:49 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-09 21:05 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-09 21:05 - 2009-07-14 05:34 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-09 20:56 - 2020-10-01 23:34 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\QtProject
2020-11-09 20:51 - 2011-03-21 00:23 - 000000000 ____D C:\Program Files\CCleaner
2020-11-09 20:49 - 2016-05-31 15:13 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-11-09 20:48 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-09 20:46 - 2018-05-06 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2020-11-09 20:46 - 2018-05-06 00:18 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Samsung
2020-11-09 20:46 - 2018-05-06 00:17 - 000000000 ____D C:\Program Files\Samsung
2020-11-09 20:45 - 2016-07-24 23:30 - 000000000 ____D C:\Program Files\Common Files\IObit
2020-11-09 20:45 - 2016-07-24 22:57 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\IObit
2020-11-09 20:45 - 2016-07-24 22:57 - 000000000 ____D C:\ProgramData\IObit
2020-11-09 20:45 - 2011-03-23 01:27 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\IObit
2020-11-09 20:31 - 2017-11-09 00:06 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-09 20:31 - 2011-03-21 00:23 - 000000934 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-09 20:31 - 2011-03-21 00:23 - 000000934 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-09 20:24 - 2017-03-13 21:54 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-09 20:20 - 2015-05-16 22:51 - 000000924 _____ C:\Windows\Tasks\Google Software Updater.job
2020-11-09 20:20 - 2014-05-16 09:17 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-11-09 00:56 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\tracing
2020-11-09 00:51 - 2017-04-03 08:47 - 000000000 ____D C:\Users\ASRock\AppData\LocalLow\Mozilla
2020-11-09 00:22 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
2020-11-09 00:22 - 2020-10-07 18:59 - 000002982 _____ C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
2020-11-09 00:22 - 2020-10-01 23:33 - 000002998 _____ C:\Windows\system32\Tasks\MiniTool Shadow Maker
2020-11-09 00:22 - 2020-10-01 23:32 - 000003184 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2020-11-09 00:22 - 2020-09-18 19:34 - 000003176 _____ C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
2020-11-09 00:22 - 2020-07-06 21:32 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-09 00:22 - 2019-07-18 11:39 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-11-09 00:22 - 2019-07-18 11:38 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-11-09 00:22 - 2019-07-18 11:37 - 000003426 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-11-09 00:22 - 2019-07-18 11:37 - 000003298 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-11-09 00:22 - 2018-08-20 11:40 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-09 00:22 - 2017-11-22 18:06 - 000003836 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1496678798
2020-11-09 00:22 - 2015-12-03 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-11-09 00:22 - 2011-08-18 02:09 - 000003586 _____ C:\Windows\system32\Tasks\Google Software Updater
2020-11-09 00:22 - 2011-08-18 02:09 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-09 00:22 - 2011-08-18 02:09 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-08 20:12 - 2013-08-16 20:00 - 000000000 ____D C:\Users\ASRock\Desktop\Pro Honzíka
2020-11-08 16:20 - 2013-04-24 19:25 - 000000000 ____D C:\Program Files\trend micro
2020-11-06 19:04 - 2020-05-29 14:30 - 000001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:40 - 000002190 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2020-11-05 21:20 - 2019-07-18 11:37 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-04 23:42 - 2014-02-22 21:06 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-04 23:42 - 2014-02-22 21:06 - 000002094 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-03 21:57 - 2017-06-05 17:06 - 000000000 ____D C:\Program Files\Opera
2020-10-31 00:34 - 2011-03-07 17:09 - 001704428 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 00:34 - 2009-07-14 09:44 - 000713412 _____ C:\Windows\system32\perfh005.dat
2020-10-31 00:34 - 2009-07-14 09:44 - 000158440 _____ C:\Windows\system32\perfc005.dat
2020-10-31 00:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-26 20:34 - 2014-10-19 21:29 - 000796160 ___SH C:\Users\ASRock\Desktop\Thumbs.db
2020-10-21 23:20 - 2018-06-23 18:38 - 000001099 _____ C:\Users\ASRock\Desktop\USB Disk Storage Format Tool.lnk
2020-10-21 23:20 - 2018-06-23 18:38 - 000000063 _____ C:\Users\ASRock\Desktop\Create Bootable USB.url
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.3
2020-10-21 23:20 - 2018-06-23 18:38 - 000000000 ____D C:\Program Files\USB Disk Storage Format Tool
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-19 21:49 - 2013-08-04 13:27 - 000000993 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\Users\Public\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000001233 _____ C:\ProgramData\Desktop\Skype.lnk
2020-10-19 21:47 - 2018-12-06 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-19 21:47 - 2012-05-06 17:59 - 000000000 ____D C:\Users\ASRock\AppData\Roaming\Skype
2020-10-19 21:46 - 2016-08-25 21:41 - 000000000 ____D C:\ProgramData\Foxit Software
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2020-10-19 21:44 - 2019-11-13 20:00 - 000000068 _____ C:\ProgramData\Documents\pre_fileassoc.tmp
2020-10-18 09:19 - 2020-04-15 18:34 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-18 09:06 - 2011-03-26 10:56 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-18 09:03 - 2019-01-08 23:14 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-18 09:03 - 2019-01-08 23:14 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-18 09:03 - 2018-11-15 20:43 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-18 09:03 - 2013-03-18 13:32 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-18 09:03 - 2012-03-14 14:35 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-18 09:03 - 2011-03-07 17:50 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-18 09:02 - 2019-01-14 20:32 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-18 09:02 - 2019-01-08 23:14 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-10-18 09:02 - 2018-01-10 20:27 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-18 09:02 - 2011-03-07 17:50 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-15 23:41 - 2014-05-29 10:05 - 000000000 ____D C:\Users\ASRock\Desktop\SonEric_28_5_2014
2020-10-14 22:38 - 2013-02-14 17:37 - 000000000 ____D C:\Users\ASRock\Desktop\RECEPTY
==================== Files in the root of some directories ========
2013-09-19 16:58 - 2013-09-19 16:58 - 000000000 _____ () C:\Users\ASRock\AppData\Roaming\pdfperformer
2015-01-05 14:23 - 2015-01-05 14:25 - 000011264 ___SH () C:\Users\ASRock\AppData\Roaming\Thumbs.db
2011-06-23 17:32 - 2016-06-06 22:30 - 000006144 _____ () C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-23 19:04 - 2018-06-23 19:04 - 000000001 _____ () C:\Users\ASRock\AppData\Local\llftool.4.40.agreement
2016-01-16 15:19 - 2016-01-16 15:19 - 000003977 _____ () C:\Users\ASRock\AppData\Local\recently-used.xbel
2011-09-05 13:04 - 2012-04-11 23:24 - 000007605 _____ () C:\Users\ASRock\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-05 21:39
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2020
Ran by ASRock (10-11-2020 00:14:13)
Running from C:\Users\ASRock\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-03-07 15:57:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2661226761-2934294044-4021329715-500 - Administrator - Disabled)
ASRock (S-1-5-21-2661226761-2934294044-4021329715-1000 - Administrator - Enabled) => C:\Users\ASRock
Guest (S-1-5-21-2661226761-2934294044-4021329715-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2661226761-2934294044-4021329715-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (HKLM\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
AbiWord 2.8.6 (HKLM\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM\...\{0CAE2FF0-AFC9-733D-EC3C-04BCB6B3C06F}) (Version: 2.0.4251.33734 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CalcRC 2.5 verze 2.5 (HKLM\...\{A50CCD4D-7B79-47D9-B6B8-415E4D9A1E9C}}_is1) (Version: 2.5 - Tomecek)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 86.1.6738.114 - Autoři prohlížeče CCleaner Browser)
CSE HTML Validator Standard v12.03 (HKLM\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Driver Install 32bit (HKLM\...\{98ECAF17-9201-4E2D-B689-4F277C12FB17}) (Version: 1.32.1748.0 - Shenzhen Geniatech Inc.,Ltd)
EaseUS Partition Master 14.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EyeTV Netstream for Windows Media Center (HKLM\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
FastStone Image Viewer 4.2 (HKLM\...\FastStone Image Viewer) (Version: 4.2 - FastStone Soft)
File Identifier (HKLM\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.10 - Sharpened Productions)
File Viewer Plus (HKLM\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.0.0 - Sharpened Productions)
Firehand Ember (HKLM\...\Firehand Ember) (Version: - )
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - )
GeoShow3D Lite (HKLM\...\GeoShow3D Lite) (Version: - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Goniometrické funkce (HKLM\...\Goniometrické funkce) (Version: - )
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 86.0.4240.183 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
Hard Disk Low Level Format Tool 4.40 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.50 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
Hetman Partition Recovery 2.2 (HKLM\...\Hetman Partition Recovery) (Version: - )
HWiNFO32 Version 6.26 (HKLM\...\HWiNFO32_is1) (Version: 6.26 - Martin Malik - REALiX)
Icecream Screen Recorder version 1.37 (HKLM\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 1.37 - Icecream Apps)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 251 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\jdownloader09) (Version: 0.9 - AppWork GmbH)
KiCad 2013.03.04 (HKLM\...\KiCad) (Version: 2013.03.04 - )
Ladicka (HKLM\...\Ladicka) (Version: - )
Media Go (HKLM\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.109.05220 (HKLM\...\{B48AA269-C017-875E-AE23-CE1DCEE07626}) (Version: 2.20.109.05220 - Sony)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MiniTool Partition Wizard verze 1.5 (HKLM\...\MiniTool Partition Wizard_is1) (Version: 1.5 - )
MiniTool ShadowMaker PW Edition (HKLM\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.5 - MiniTool Software Limited)
Minus Desktop Tool 1.7 (HKLM\...\Minus_is1) (Version: 1.7 - Minus Inc.)
Mozilla Firefox 82.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 82.0.2 (x86 en-US)) (Version: 82.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2.7605 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
Nero 7 Essentials (HKLM\...\{9B4E6CB9-E54D-47F7-A414-E2D5740E1029}) (Version: 7.02.8507 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
O&O Syspectr (HKLM\...\{CE8921E4-D3AC-43A6-BD3D-356546A076D7}) (Version: 0.200.46 - O&O Software GmbH)
OpenOffice 4.1.7 (HKLM\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
OpenWith.org 1.0.3 (HKLM\...\{B52F8C4B-FE88-4B59-9B80-1C93669D7DEB}_is1) (Version: - OpenWith.org)
Opera Stable 37.0.2178.32 (HKU\.DEFAULT\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software)
Opera Stable 72.0.3815.186 (HKLM\...\Opera 72.0.3815.186) (Version: 72.0.3815.186 - Opera Software)
Paragon Partition Manager™ 2013 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCLab (HKLM\...\PCLab) (Version: - )
PDF Editor 5 (HKLM\...\PDF Editor 5) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
ProfiCAD (HKLM\...\ProfiCAD_is1) (Version: - )
Psaní všemi deseti 1.5 (HKLM\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
RadarSync PC Updater 2012 (HKLM\...\RadarSync PC Updater 2012_is1) (Version: 4.1.0.14931 - RadarSync Ltd)
rajče průvodce verze 1.59.45.260 (HKLM\...\rajče.net_is1) (Version: - rajče.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MP550 series (HKLM\...\Registrace uživatele zařízení Canon MP550 series) (Version: - )
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scope (HKLM\...\{59E13EA0-9604-47DF-BEB7-3651E6E09221}) (Version: 1.22.0 - Zeitnitz)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SequoiaView (HKLM\...\SequoiaView) (Version: - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype verze 8.65 (HKLM\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Control v2.15 (HKLM\...\Sound Control_is1) (Version: - Really Effective)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TotalDocConverter (HKLM\...\Total Doc Converter_is1) (Version: - Softplicity, Inc.)
TotalTV Player (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Unity Web Player (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Universal Viewer (HKLM\...\Universal Viewer) (Version: - UVViewSoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
USB Flash Drive Format Tool 1.0 (HKLM\...\USB Flash Drive Format Tool_is1) (Version: - Rogosoft Corporation)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VideoMate T, M, P, S Series Driver (HKLM\...\{41E340F0-0BD6-4A87-AF29-E9E584471756}) (Version: 1.39.100 - )
Visual Analyser 2011 (HKLM\...\{BE2F9F39-9512-4DFD-A412-0355A2FE66D3}) (Version: 14.0.0.19 - Alfredo Accattatis)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
WebAdvisor od společnosti McAfee (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.163 - McAfee, LLC)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.2.2) (HKLM\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.2.2.2615 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 7.5.3) (HKLM\...\{77078E40-A92E-47FD-A0F6-168A4BF6CF3A}_is1) (Version: 7.5.3.4801 - Wondershare Software Co.,Ltd.)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
Xml Viewer (HKLM\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Context 4 Lite (HKLM\...\{B55C39AA-34DB-11D5-A3A9-004F4E01877A}) (Version: 4.0.0.0 - Zoner software, s.r.o.)
Zoom (HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ASRock\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7B0EFEE5-076F-A2E3-8F15-9DDAC7CC61C3}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [OpenWith.org] -> {1569D0D3-1127-48A2-A4BC-958553F472C5} => C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll [2009-03-13] (OpenWith.org) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x86.dll [2020-04-16] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Program Files\TotalDocConverter\axTotalConverter.dll [2006-11-30] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl32.dll [2012-04-26] (DT Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers2: [Hetman Partition Recovery] -> {66953641-5DA9-4A81-82E8-2727300BBD29} => C:\Program Files\Hetman Software\Hetman Partition Recovery 2.2\Resources\DiskMenu.dll [2014-11-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll [2011-08-01] (Western Digital) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2013-04-15 09:06 - 2013-04-15 09:06 - 000032768 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 09:06 - 2013-04-15 09:06 - 000014848 _____ () [File not signed] C:\Program Files\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000085504 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\coresync.dll
2020-10-01 23:32 - 2019-08-15 04:52 - 000064000 _____ () [File not signed] C:\Program Files\MiniTool ShadowMaker\SMTPEmail.dll
2011-10-14 10:21 - 2006-11-30 15:03 - 000434688 _____ () [File not signed] C:\Program Files\TotalDocConverter\axTotalConverter.dll
2010-11-02 07:33 - 2010-11-02 07:33 - 000886272 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
2011-08-01 06:34 - 2011-08-01 06:34 - 000064000 _____ () [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
2011-06-02 11:23 - 2010-04-24 04:00 - 000272384 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM9Z.DLL
2011-03-19 15:28 - 2010-04-24 05:00 - 000027648 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\CNMPD9Z.DLL
2018-04-21 22:37 - 2015-12-04 20:43 - 000021504 _____ (eMPIA Technology, Inc.) [File not signed] C:\Program Files\Common Files\TotalTV Player\Remote\BDADLL.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000150016 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 000055808 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll
2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2003-03-19 07:14 - 2003-03-19 07:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
2003-02-21 15:42 - 2003-02-21 15:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
2003-03-19 07:20 - 2003-03-19 07:20 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2011-12-14 21:38 - 2011-12-14 21:38 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 22:51 - 2020-07-09 22:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\MSVCP140.dll
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\ucrtbase.DLL
2020-11-09 20:26 - 2020-11-09 20:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20110904\avast.local_vc142.crt\VCRUNTIME140.dll
2020-10-01 23:32 - 2013-09-20 10:21 - 000067072 _____ (NT KERNEL RESOURCES LAB.) [File not signed] C:\Program Files\MiniTool ShadowMaker\vdskapi.dll
2012-01-03 14:07 - 2009-03-13 16:36 - 000026112 _____ (OpenWith.org) [File not signed] C:\Program Files\OpenWith.org Desktop Tool\OpenWith.org Shell Extension.dll
2020-09-23 21:48 - 2020-09-23 21:48 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\OO Software\Syspectr\SQLite.Interop.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000037888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\bearer\qgenericbearer.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000039424 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\bearer\qnativewifibearer.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qgif.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000030720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qicns.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qico.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000243200 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qjpeg.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000018944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qsvg.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qtga.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000313344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qtiff.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qwbmp.dll
2020-10-01 23:32 - 2017-09-14 13:53 - 000324608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\imageformats\qwebp.dll
2020-10-01 23:32 - 2017-09-14 13:46 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\platforms\qwindows.dll
2020-10-01 23:32 - 2016-09-25 16:39 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\Qt5Svg.dll
2020-10-01 23:32 - 2017-09-14 13:45 - 000689664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll
2020-10-01 23:32 - 2020-08-29 04:47 - 001228288 _____ (TODO: <Company name>) [File not signed] C:\Program Files\MiniTool ShadowMaker\core7z.dll
2020-09-23 21:49 - 2020-07-22 14:11 - 002122240 _____ (TODO: <Company name>) [File not signed] C:\Program Files\OO Software\Syspectr\Modules\8648d6ec-91ba-46f4-a6f4-2c2c58d88daf\CDI-Lib-Win32.dat
2011-08-01 09:07 - 2011-08-01 09:07 - 000329728 _____ (Western Digital) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-10-30] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\Geniatech\TotalTV Player\THCDeskBand.dll [2017-06-19] (GENIATECH INC.,LTD) [File not signed]
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Skype Technologies SA -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2019-01-04 20:22 - 000000068 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ASRock\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 46.16.122.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avast Cleanup Premium.lnk => C:\Windows\pss\Avast Cleanup Premium.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ASRock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sound Control.lnk => C:\Windows\pss\Sound Control.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 4\ashsnap.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ASRock\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NeroFilterCheck =>
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TuneupUI.exe => "C:\Program Files\Avast Software\Cleanup\TuneupUI.exe" /nogui
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{60DF021B-9A80-4628-95ED-BEC6B27D1B21}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BCE470F4-3112-40D4-83FA-0E36EB48420A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{93B6E010-6A25-4F30-B398-F3EC5D0DD673}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9234EA94-C968-4574-894C-72BC12C5ABE8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{99646DB9-6489-4ABA-B94A-1C657FE74FB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{5BAD410E-8E16-4807-9CDF-71A605324C75}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{F32BC3ED-2C74-48C7-B434-D1B7F6509D33}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net LLP -> Wargaming.net) [File not signed]
FirewallRules: [{A3FF6EF4-0EAB-4432-BF6D-0282FA359740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9B74D3DA-9B84-4737-B366-CC3D635F9D3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{879CE865-2FB7-4C34-8D7F-C9EC724B0593}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3755EEF4-511C-45D1-8E5A-4245911B7ADE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{506112E1-7F75-4452-83C6-86278564C835}] => (Block) LPort=445
FirewallRules: [{0587DDA9-5A9D-463C-84F3-29C86CC1D3F0}] => (Block) LPort=445
FirewallRules: [{06AFF714-1CFC-4BBF-BD8B-C5C4CFFF65D2}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{B903561F-DB08-4476-93F1-54C519459239}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{768A0F84-6DD9-4352-A896-60C93847167C}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{BA23D28E-3CE9-474A-800F-A2A9678A8DCF}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{D9C1F29F-267D-4834-85A2-6DAED1D7F7A1}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{A4577353-D512-4883-B2A8-D0174A77912E}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{43506699-BFA8-46C7-969F-36967A2F916A}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [UDP Query User{8F6C3A22-040D-4240-A790-EA72FBB48700}C:\program files\sony\media go\mediago.exe] => (Block) C:\program files\sony\media go\mediago.exe (Sony Network Entertainment International LLC -> Sony Network Entertainment International LLC)
FirewallRules: [{4A78B1A6-BA93-4862-9956-E5F4A61798DC}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1069FC0-E1C0-4EC8-9655-982223D106DE}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1687F9A-B6F3-4991-83BF-9D2332945C9D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{53E3A275-E5E2-4309-9739-729C7E408F7A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A5B4CB04-8996-4A0C-9B1A-92AAC1593820}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{9994FB61-FF84-4D3B-B89A-7E2EC83D5742}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B6F77E66-C7F8-4308-9E92-DDFDFD778963}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{B208465D-56D4-4E2B-BB71-D03F66B4F63A}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{ADBF8810-7BB8-46ED-AE42-4D4EC50F3DFE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{AD36DD4E-5A34-4B7D-B659-EB24EE8D6334}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{43B12C5E-F5B1-4DDF-B4CC-DF45126E5CF3}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{73867CCB-A603-4360-8D68-1B4B9DB5DCDE}] => (Allow) C:\Program Files\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{F3341A93-B7EE-4CC0-BE50-90DCA7C5D6F1}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F05F7456-12A5-4B2C-BA74-7BDEA71D26BA}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFBDBE72-1568-477C-AE67-D5485B12B9B3}] => (Allow) C:\Program Files\Opera\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BF58789D-876E-4408-8828-BA55037582A6}] => (Allow) C:\Program Files\Opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E591E108-FE5D-466D-93FA-405D136B5645}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C2201953-1DB5-4E39-BC32-3E565CC4A69E}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{CFAC25EB-71A7-4D48-AA51-C56D58E80E71}] => (Allow) C:\Windows\ehome\ehrecvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{463572D9-FC48-4B06-AFCE-617DEDBBE803}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{1A3339F9-0B87-41E1-95CA-0269DC54AB61}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
==================== Restore Points =========================
31-10-2020 22:59:31 Naplánovaný kontrolní bod
09-11-2020 20:45:21 AdwCleaner_BeforeCleaning_09/11/2020_20:45:17
==================== Faulty Device Manager Devices ============
Name: HWiNFO Kernel Driver
Description: HWiNFO Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HWiNFO
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/09/2020 11:23:15 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 10:23:13 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 09:23:20 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 08:45:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4f62cab8-da6b-4a3a-abc1-80e6170244df}
Error: (11/09/2020 08:39:09 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 08:26:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (11/09/2020 12:53:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 86.0.4240.183 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1708
Čas spuštění: 01d6b5ebf18a0445
Čas ukončení: 761
Cesta k aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
ID hlášení: 71176fee-221d-11eb-a521-e97e627cf197
Error: (11/09/2020 12:23:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (11/09/2020 08:50:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
HWiNFO
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MTAgentService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (11/09/2020 08:45:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MTSchedulerService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/09/2020 08:45:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ForceWare Intelligent Application Manager (IAM) byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/09/2020 08:45:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/09/2020 08:45:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Secunia PSI Agent byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2015-01-16 15:32:01.178
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll;folder:C:\Program Files\Settings Manager\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-16 15:21:07.502
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-13 20:57:23.600
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Settings Manager\smdmf\Helper.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 18:05:50.229
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:4204,ProcessStart:130652960117988281;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2015-01-09 17:55:24.089
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe;file:C:\Program Files\Settings Manager\smdmf\smdmfu.exe;file:C:\Users\ASRock\AppData\Local\Temp\nsx4EB4.tmp\nsg57FF.tmp\SettingsManagerMediaBar.exe->(VFS:Helper.dll#4);process:pid:4204;process:pid:860
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:
Date: 2016-08-06 21:37:52.669
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.225.2931.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.12902.0
Kód chyby:0x800704c8
Popis chyby:Požadovanou operaci nelze provést se souborem, jehož uživateli mapovaný oddíl je otevřen.
Date: 2014-05-16 01:01:57.593
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2014-05-16 01:01:57.588
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
CodeIntegrity:
===================================
Date: 2016-12-19 14:25:43.530
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 14:25:42.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:53.214
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 01:08:52.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:44:26.237
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:21.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:43:15.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-19 00:42:52.987
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\VIASysFx.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.80 05/21/2010
Motherboard: ASRock K10N78D
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 87%
Total physical RAM: 3327.18 MB
Available physical RAM: 418.95 MB
Total Virtual: 6654.36 MB
Available Virtual: 2578.71 MB
==================== Drives ================================
Drive c: (Win 7) (Fixed) (Total:298.09 GB) (Free:168.16 GB) NTFS
Drive d: () (Fixed) (Total:17.58 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:46.94 GB) (Free:5.98 GB) NTFS
Drive f: () (Fixed) (Total:3.65 GB) (Free:3.26 GB) NTFS
Drive g: (LINUX) (Fixed) (Total:6.34 GB) (Free:1.94 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: D215FAD2)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 004F4E7D)
Partition 1: (Active) - (Size=17.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=56.9 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\ASRock\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
C:\Windows\system32\Tasks\Google Software Updater
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\Documents\pre_fileassoc.tmp
C:\ProgramData\Documents\pre_fileassoc.tmp
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
MSCONFIG\startupreg: NeroFilterCheck =>
C:\Program Files\Settings Manager\smdmf\Helper.dll
C:\Users\ASRock\AppData\Local\Temp
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re: Kontrola logu- zpomalený PC
Učinil jsem źádané, ale omylem jsem spustil znovu skenování. Po jeho dokončení jsem spustil fix, a ten teď běží už déle než hodinu a jinak se nic neděje. Mám dále čekat nebo udělat něco jiného? Děkuji.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Pokud jste smazal, dejte sem obsah souboru fixlog.txt. Jinak můžete skenování zrušit.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re: Kontrola logu- zpomalený PC
Zjistil jsem, že po spuštění FIX došlo k přerušení internetového připojení a ten proces FIX běžel více jak dvě hodiny a nešel vypnout. Tak jsem restartoval PC a obnovil systém z posledního bodu obnovy (ze včerejška) .
Přikládám ten Fixlog.txt, Asi bude nutno udělat nový FRST ?
Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2020
Ran by ASRock (10-11-2020 16:32:34) Run:1
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
C:\Windows\system32\Tasks\Google Software Updater
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\Documents\pre_fileassoc.tmp
C:\ProgramData\Documents\pre_fileassoc.tmp
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
MSCONFIG\startupreg: NeroFilterCheck =>
C:\Program Files\Settings Manager\smdmf\Helper.dll
C:\Users\ASRock\AppData\Local\Temp
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b367d44f-541b-11e2-b3af-002522739666} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\ => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
C:\Windows\System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D87924E7-3AD2-427B-8392-0148ED919BE6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
C:\Windows\System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43DA2AE2-0829-4943-8A8C-127D53E17DDB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
C:\Windows\System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF89E52D-7B16-4823-AF4A-6D75959E418A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
C:\Windows\System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
C:\Windows\System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7893F07A-0E28-457F-B0F7-52A3F3B42A84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
C:\Windows\System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
C:\Windows\System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
C:\Windows\System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
C:\Windows\System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57D6CE74-987F-429E-8C6A-8F883A6C5648}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
C:\Windows\System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32355ADF-D330-48C7-985C-D24D6DAE8351}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
C:\Windows\System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6A505E6-58EE-4196-9BB8-7841E32C122B}" => removed successfully.
C:\Windows\Tasks\Google Software Updater.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\HWiNFO => removed successfully.
HWiNFO => service removed successfully.
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => moved successfully
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => moved successfully
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => moved successfully
"C:\Windows\system32\Tasks\Google Software Updater" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Public\Documents\pre_fileassoc.tmp => moved successfully
"C:\ProgramData\Documents\pre_fileassoc.tmp" => not found
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
Přikládám ten Fixlog.txt, Asi bude nutno udělat nový FRST ?
Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2020
Ran by ASRock (10-11-2020 16:32:34) Run:1
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
C:\Windows\system32\Tasks\Google Software Updater
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\Documents\pre_fileassoc.tmp
C:\ProgramData\Documents\pre_fileassoc.tmp
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
MSCONFIG\startupreg: NeroFilterCheck =>
C:\Program Files\Settings Manager\smdmf\Helper.dll
C:\Users\ASRock\AppData\Local\Temp
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b367d44f-541b-11e2-b3af-002522739666} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\ => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
C:\Windows\System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D87924E7-3AD2-427B-8392-0148ED919BE6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
C:\Windows\System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43DA2AE2-0829-4943-8A8C-127D53E17DDB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
C:\Windows\System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF89E52D-7B16-4823-AF4A-6D75959E418A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
C:\Windows\System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
C:\Windows\System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7893F07A-0E28-457F-B0F7-52A3F3B42A84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
C:\Windows\System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
C:\Windows\System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
C:\Windows\System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
C:\Windows\System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57D6CE74-987F-429E-8C6A-8F883A6C5648}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
C:\Windows\System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32355ADF-D330-48C7-985C-D24D6DAE8351}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
C:\Windows\System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6A505E6-58EE-4196-9BB8-7841E32C122B}" => removed successfully.
C:\Windows\Tasks\Google Software Updater.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\HWiNFO => removed successfully.
HWiNFO => service removed successfully.
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => moved successfully
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => moved successfully
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => moved successfully
"C:\Windows\system32\Tasks\Google Software Updater" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Public\Documents\pre_fileassoc.tmp => moved successfully
"C:\ProgramData\Documents\pre_fileassoc.tmp" => not found
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Smazáno, ale chybí konec logu. Údaje o Hosts: a EmptyTemp:. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re: Kontrola logu- zpomalený PC
Posílám ještě tu spodní část logu, jestli je to to, co chybělo?
Změnu zatím nedokážu posoudit, až po dalších spuštěních PC.
Ten bod obnovy byl popsán jako odinstalace AdwClean, proto nevím, zda se něco nevrátilo do předchozího stavu, proto jsem se ptal na nový log FRST.
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b367d44f-541b-11e2-b3af-002522739666} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\ => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
C:\Windows\System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D87924E7-3AD2-427B-8392-0148ED919BE6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
C:\Windows\System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43DA2AE2-0829-4943-8A8C-127D53E17DDB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
C:\Windows\System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF89E52D-7B16-4823-AF4A-6D75959E418A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
C:\Windows\System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
C:\Windows\System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7893F07A-0E28-457F-B0F7-52A3F3B42A84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
C:\Windows\System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
C:\Windows\System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
C:\Windows\System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
C:\Windows\System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57D6CE74-987F-429E-8C6A-8F883A6C5648}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
C:\Windows\System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32355ADF-D330-48C7-985C-D24D6DAE8351}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
C:\Windows\System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6A505E6-58EE-4196-9BB8-7841E32C122B}" => removed successfully.
C:\Windows\Tasks\Google Software Updater.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\HWiNFO => removed successfully.
HWiNFO => service removed successfully.
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => moved successfully
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => moved successfully
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => moved successfully
"C:\Windows\system32\Tasks\Google Software Updater" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Public\Documents\pre_fileassoc.tmp => moved successfully
"C:\ProgramData\Documents\pre_fileassoc.tmp" => not found
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
Změnu zatím nedokážu posoudit, až po dalších spuštěních PC.
Ten bod obnovy byl popsán jako odinstalace AdwClean, proto nevím, zda se něco nevrátilo do předchozího stavu, proto jsem se ptal na nový log FRST.
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b367d44f-541b-11e2-b3af-002522739666} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\ => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
C:\Windows\System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D87924E7-3AD2-427B-8392-0148ED919BE6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
C:\Windows\System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43DA2AE2-0829-4943-8A8C-127D53E17DDB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
C:\Windows\System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF89E52D-7B16-4823-AF4A-6D75959E418A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
C:\Windows\System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
C:\Windows\System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7893F07A-0E28-457F-B0F7-52A3F3B42A84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
C:\Windows\System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
C:\Windows\System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
C:\Windows\System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
C:\Windows\System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57D6CE74-987F-429E-8C6A-8F883A6C5648}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
C:\Windows\System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32355ADF-D330-48C7-985C-D24D6DAE8351}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
C:\Windows\System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6A505E6-58EE-4196-9BB8-7841E32C122B}" => removed successfully.
C:\Windows\Tasks\Google Software Updater.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\HWiNFO => removed successfully.
HWiNFO => service removed successfully.
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => moved successfully
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => moved successfully
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => moved successfully
"C:\Windows\system32\Tasks\Google Software Updater" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Public\Documents\pre_fileassoc.tmp => moved successfully
"C:\ProgramData\Documents\pre_fileassoc.tmp" => not found
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu- zpomalený PC
Konec fixlogu by měl vypadat asi takto:
a ten stále chybí.=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19099574 B
Java, Flash, Steam htmlcache => 1128 B
Windows/system/drivers => 12635379 B
Edge => 38912 B
Chrome => 155600314 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6144 B
Users => 6144 B
ProgramData => 6144 B
Public => 6144 B
systemprofile => 6144 B
LocalService => 26650 B
NetworkService => 204351450 B
R => 231096854 B
DefaultAppPool => 231102998 B
RecycleBin => 140356 B
EmptyTemp: => 824.3 MB temporary data Removed.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
honzaodlabe
- Návštěvník
- Příspěvky: 99
- Registrován: 08 lis 2008 19:32
Re: Kontrola logu- zpomalený PC
Vložil jsem znovu Váš soubor do stažených a spustil znovu fix. Avast nato uložil FRST do truhly s tím, že obsahuje hrozbu: IDP.HEUR.23. Tak jsem odsouhlasil výjimku, načež pc restartoval pak už FRST - FIX proběhl normálně během několika vteřin. Tady je log:
Fix result of Farbar Recovery Scan Tool (x86) Version: 11-11-2020
Ran by ASRock (11-11-2020 22:13:29) Run:1
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
C:\Windows\system32\Tasks\Google Software Updater
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\Documents\pre_fileassoc.tmp
C:\ProgramData\Documents\pre_fileassoc.tmp
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
MSCONFIG\startupreg: NeroFilterCheck =>
C:\Program Files\Settings Manager\smdmf\Helper.dll
C:\Users\ASRock\AppData\Local\Temp
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b367d44f-541b-11e2-b3af-002522739666} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\ => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
C:\Windows\System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D87924E7-3AD2-427B-8392-0148ED919BE6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
C:\Windows\System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43DA2AE2-0829-4943-8A8C-127D53E17DDB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
C:\Windows\System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF89E52D-7B16-4823-AF4A-6D75959E418A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
C:\Windows\System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
C:\Windows\System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7893F07A-0E28-457F-B0F7-52A3F3B42A84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
C:\Windows\System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
C:\Windows\System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
C:\Windows\System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
C:\Windows\System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57D6CE74-987F-429E-8C6A-8F883A6C5648}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
C:\Windows\System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32355ADF-D330-48C7-985C-D24D6DAE8351}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
C:\Windows\System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6A505E6-58EE-4196-9BB8-7841E32C122B}" => removed successfully.
C:\Windows\Tasks\Google Software Updater.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\HWiNFO => removed successfully.
HWiNFO => service removed successfully.
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => moved successfully
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => moved successfully
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => moved successfully
"C:\Windows\system32\Tasks\Google Software Updater" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Users\Public\Documents\pre_fileassoc.tmp" => not found
"C:\ProgramData\Documents\pre_fileassoc.tmp" => not found
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully.
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSCONFIG\startupreg: NeroFilterCheck =>" => not found
"C:\Program Files\Settings Manager\smdmf\Helper.dll" => not found
"C:\Users\ASRock\AppData\Local\Temp" folder move:
Could not move "C:\Users\ASRock\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27072592 B
Java, Flash, Steam htmlcache => 1155 B
Windows/system/drivers => 5678677 B
Edge => 0 B
Chrome => 411111383 B
Firefox => 62864514 B
Opera => 1048278 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 42195 B
Public => 42195 B
ProgramData => 42195 B
systemprofile => 2228122128 B
LocalService => 2228254372 B
NetworkService => 2228320600 B
ASRock => 2415559621 B
DefaultAppPool => 2415592679 B
RecycleBin => 11388520 B
EmptyTemp: => 11.2 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-11-2020 23:19:59)
"C:\Users\ASRock\AppData\Local\Temp" => Could not move.
==== End of Fixlog 23:20:18 ====
Díky za Vaši trpělivost.
Fix result of Farbar Recovery Scan Tool (x86) Version: 11-11-2020
Ran by ASRock (11-11-2020 22:13:29) Run:1
Running from C:\Users\ASRock\Downloads
Loaded Profiles: ASRock
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\...\MountPoints2: {b367d44f-541b-11e2-b3af-002522739666} - I:\wubi.exe --cdmenu
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {02ACA505-55B8-4FB5-8006-FA9D0AF5124A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-10-04] (Google Inc -> Google) <==== ATTENTION
Task: {04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\
Task: {111A27C6-D4C5-412E-9650-4C3ED8B55F7F} - System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\startuplite-setup-1.07.exe -d C:\Users\ASRock\Downloads
Task: {126782EF-1B04-4401-88AA-8965B2C05A77} - System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java\jre-windows-i586.exe" -d "C:\Users\ASRock\Desktop\OpenOffice.org 3.3 (cs) Installation Files\java"
Task: {127DAF13-2633-4B1A-ACA5-AF340DFEE60D} - System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\Install-winMd5Sum.exe -d C:\Users\ASRock\Downloads
Task: {189EED5E-1CEF-48A1-B3F5-6E8B736A07F8} - System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\smwin143en.exe -d "C:\Program Files\Mozilla Firefox"
Task: {1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {221593B6-64BA-4769-87ED-83A07ECF3071} - System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\RosettaStoneAudioOptimizerInstaller (1).exe" -d C:\Users\ASRock\Downloads
Task: {22E5F691-7D91-4248-91FD-BD2A3E07F9BA} - System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {59C4810C-CB4D-4F79-8928-F4BAD0C94F40} - System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VMHybrid_1.39.100_WLH.exe -d "C:\Program Files\Mozilla Firefox"
Task: {9CDE696B-5C26-4575-890A-373D7B77D5D5} - System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\sp43155.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D31A2138-4536-478A-8F82-BAA22083170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => C:\Users\ASRock\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc -> Google Inc.)
Task: {DC48B033-C744-41DB-BD49-D619877824AB} - System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {DCBE69B8-0D0B-4169-9490-D328F1AD0313} - System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => C:\Windows\system32\pcalua.exe -a "C:\Users\ASRock\Downloads\Instaluj.cz - 9354.exe" -d C:\Users\ASRock\Downloads
Task: {E9F302E3-E775-4F4F-8F17-D4AB0F032B5D} - System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => C:\Windows\system32\pcalua.exe -a C:\Users\ASRock\Downloads\VirtualBox-4.2.20-90983-Win.exe -d C:\Users\ASRock\Downloads
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
U3 DfSdkS; no ImagePath
S1 HWiNFO; \??\C:\Users\ASRock\AppData\Local\Temp\HWiNFO32.SYS [X] <==== ATTENTION
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5}
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74}
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0}
C:\Windows\system32\Tasks\Google Software Updater
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\Documents\pre_fileassoc.tmp
C:\ProgramData\Documents\pre_fileassoc.tmp
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2661226761-2934294044-4021329715-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
MSCONFIG\startupreg: NeroFilterCheck =>
C:\Program Files\Settings Manager\smdmf\Helper.dll
C:\Users\ASRock\AppData\Local\Temp
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b367d44f-541b-11e2-b3af-002522739666} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02ACA505-55B8-4FB5-8006-FA9D0AF5124A}" => removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04DD91AE-BEDE-4E47-BDAD-FAE5932F63EC}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
ask: {07405305-1F0A-44BD-B770-F2D88BCE4363} - System32\Tasks\{06168F8C-F3B0-40D2-87EE-A2FD7B8EDDF8} => C:\Windows\system32\pcalua.exe -a H:\start.exe -d H:\ => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A27C6-D4C5-412E-9650-4C3ED8B55F7F}" => removed successfully.
C:\Windows\System32\Tasks\{D87924E7-3AD2-427B-8392-0148ED919BE6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D87924E7-3AD2-427B-8392-0148ED919BE6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126782EF-1B04-4401-88AA-8965B2C05A77}" => removed successfully.
C:\Windows\System32\Tasks\{43DA2AE2-0829-4943-8A8C-127D53E17DDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43DA2AE2-0829-4943-8A8C-127D53E17DDB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{127DAF13-2633-4B1A-ACA5-AF340DFEE60D}" => removed successfully.
C:\Windows\System32\Tasks\{EF89E52D-7B16-4823-AF4A-6D75959E418A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF89E52D-7B16-4823-AF4A-6D75959E418A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189EED5E-1CEF-48A1-B3F5-6E8B736A07F8}" => removed successfully.
C:\Windows\System32\Tasks\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7773C2EA-9FF7-4610-A859-0FC9A6D5B179}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BED3F63-6C01-4CE8-8861-5F94F4CFE1E2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221593B6-64BA-4769-87ED-83A07ECF3071}" => removed successfully.
C:\Windows\System32\Tasks\{7893F07A-0E28-457F-B0F7-52A3F3B42A84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7893F07A-0E28-457F-B0F7-52A3F3B42A84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E5F691-7D91-4248-91FD-BD2A3E07F9BA}" => removed successfully.
C:\Windows\System32\Tasks\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47DEF80-4E64-4D1F-A42F-494C4FCFF9FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C4810C-CB4D-4F79-8928-F4BAD0C94F40}" => removed successfully.
C:\Windows\System32\Tasks\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1F2F6AE-673D-46A8-920D-463C4E5B1EDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CDE696B-5C26-4575-890A-373D7B77D5D5}" => removed successfully.
C:\Windows\System32\Tasks\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8102A9C-D4BF-4C85-9A3E-0744B1B79E3C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31A2138-4536-478A-8F82-BAA22083170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2661226761-2934294044-4021329715-1000Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC48B033-C744-41DB-BD49-D619877824AB}" => removed successfully.
C:\Windows\System32\Tasks\{57D6CE74-987F-429E-8C6A-8F883A6C5648} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57D6CE74-987F-429E-8C6A-8F883A6C5648}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBE69B8-0D0B-4169-9490-D328F1AD0313}" => removed successfully.
C:\Windows\System32\Tasks\{32355ADF-D330-48C7-985C-D24D6DAE8351} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32355ADF-D330-48C7-985C-D24D6DAE8351}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9F302E3-E775-4F4F-8F17-D4AB0F032B5D}" => removed successfully.
C:\Windows\System32\Tasks\{C6A505E6-58EE-4196-9BB8-7841E32C122B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6A505E6-58EE-4196-9BB8-7841E32C122B}" => removed successfully.
C:\Windows\Tasks\Google Software Updater.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik => removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\HWiNFO => removed successfully.
HWiNFO => service removed successfully.
C:\Windows\system32\Tasks\{E0BFEEE6-5026-4542-9F88-F5098DF7B3B5} => moved successfully
C:\Windows\system32\Tasks\{5416AA1A-98FB-4F2D-A462-8372F2B3CA74} => moved successfully
C:\Windows\system32\Tasks\{524466C9-6B0A-43D7-8F9A-4B10679A0FF0} => moved successfully
"C:\Windows\system32\Tasks\Google Software Updater" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Users\Public\Documents\pre_fileassoc.tmp" => not found
"C:\ProgramData\Documents\pre_fileassoc.tmp" => not found
C:\Users\ASRock\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-2661226761-2934294044-4021329715-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully.
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSCONFIG\startupreg: NeroFilterCheck =>" => not found
"C:\Program Files\Settings Manager\smdmf\Helper.dll" => not found
"C:\Users\ASRock\AppData\Local\Temp" folder move:
Could not move "C:\Users\ASRock\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27072592 B
Java, Flash, Steam htmlcache => 1155 B
Windows/system/drivers => 5678677 B
Edge => 0 B
Chrome => 411111383 B
Firefox => 62864514 B
Opera => 1048278 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 42195 B
Public => 42195 B
ProgramData => 42195 B
systemprofile => 2228122128 B
LocalService => 2228254372 B
NetworkService => 2228320600 B
ASRock => 2415559621 B
DefaultAppPool => 2415592679 B
RecycleBin => 11388520 B
EmptyTemp: => 11.2 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-11-2020 23:19:59)
"C:\Users\ASRock\AppData\Local\Temp" => Could not move.
==== End of Fixlog 23:20:18 ====
Díky za Vaši trpělivost.
Přispějete na provoz fóra?