Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by TomikCR on po 27. 05. 2019 at 20:09:26,70.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TomikCR\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
27. 5. 2019 20:13:50 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Raptr deleted successfully
C:\Program Files\HP deleted successfully
C:\Users\TomikCR\AppData\Roaming\Opera Software deleted successfully
C:\Users\TomikCR\AppData\Local\Opera Software deleted successfully
C:\Users\TomikCR\AppData\Local\WMTools Downloaded Files deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\d1xemxoz.default\prefs.js:
user_pref("keyword.URL", "https://duckduckgo.com/?q={searchTerms}");
Added to C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\d1xemxoz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\yf1ddynd.default-1512513727351\prefs.js:
Added to C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\yf1ddynd.default-1512513727351\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\d1xemxoz.default
user.js not found
---- Lines surfing removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"anttoolbar@ant.com\":{\"d\":\"C:\\\\Users\\\\TomikCR\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox
---- FireFox user.js and prefs.js backups ----
prefs_201927.05._2034_.backup
ProfilePath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\yf1ddynd.default-1512513727351
user.js not found
---- FireFox user.js and prefs.js backups ----
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Raptr not found
C:\Users\TomikCR\AppData\Roaming\brave deleted
C:\Users\TomikCR\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
==== Orphaned Tasks deleted from Registry ======================
Opera N deleted
Opera N Saturday deleted
Opera N Sunday deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\d1xemxoz.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\yf1ddynd.default-1512513727351
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"firefox@bho.com"="C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt" [17. 06. 2015 20:35]
==== Firefox Extensions ======================
==== Firefox Plugins ======================
Profilepath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\yf1ddynd.default-1512513727351
- C:\Program Files x86\VideoLAN\VLC\npvlc.dll - [?]
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
- C:\Program Files x86\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll - [?]
- C:\Program Files x86\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll - [?]
- C:\Program Files x86\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll - [?]
==== Chromium Look ======================
Google Chrome Version: 74.0.3729.169
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
Hraniční porucha osobnosti | Doktorka.cz - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnaoencakbgljoiljlafbnknkmalbapk
Otto Kernberg – Wikipedie - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcknjhdldobocpoelbhnbeclifcmfjjc
HUMAN 3.0 - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\meefjekipolcgabfgaclcpdkbghhmoah
Deprese (psychologie) – Wikipedie - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nelenockjlakfgihjccmabmopimionmn
XTractor 2.0 - FB Emails and UIDs Scrapper - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnenajaeicndaeiapagpglohiklndhe
Chrome Media Router - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
HUMAN 3.0 - TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\meefjekipolcgabfgaclcpdkbghhmoah
Chrome Media Router - TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
==== Reset Google Chrome ======================
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\TomikCR\AppData\Local\Mumps\User Data\Default\Preferences was reset successfully
C:\Users\TomikCR\AppData\Local\Mumps\User Data\Default\Secure Preferences was reset successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\TomikCR\AppData\Local\Mumps\User Data\Default\Web Data was reset successfully
C:\Users\TomikCR\AppData\Local\Mumps\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Raptr deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TomikCR\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\TomikCR\Desktop\Vstup\Rozbočovač\převody z ostatních PC - NEMAZAT\Důležité\vše ze starých PC roztřídit\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\TomikCR\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\TomikCR\AppData\Local\Mumps\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1349 folders=173 727482397 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\TomikCR\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\TomikCR\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
==== EOF on po 27. 05. 2019 at 20:43:34,72 ======================
Please check my log - humming fan, slowed-down computer, pages freezing [Solved]
Re: Please check my log - humming fan, slowed-down computer, pages freezing
Informace o kontroly
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 27. 5. 2019 21:31:43
Typ kontroly : Inteligentní kontrola
Čas trvání : 00:00:31
Zkontrolované objekty : 1289
Zjištěné objekty : 1
Vyloučené objekty : 0
Automatické odesílání : Ne
Operační systém : Windows 8.1 x64
Procesor : 4X AMD A10-5745M APU with Radeon(tm) HD Graphics
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 12905A4B5FC3E374EB1E09
Odhalení
MD5 :
Stav : Zkontrolováno
Objekt : http://www.parlamentnilisty.cz/
Vydavatel :
Velikost : 0
Odhalení : Hijack:Browser/ChromeHomepage
Akce : -
-----------------------------------------------------------------------
Re: Please check my log - humming fan, slowed-down computer, pages freezing
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:41:22, on 27. 5. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Users\TomikCR\Downloads\HijackThis (1).exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ::1 localhost
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem46.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: MRAC Service (mracsvc) - Unknown owner - C:\Windows\System32\mracsvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8295 bytes
- jaro3
- Security team member
Re: Please check my log - humming fan, slowed-down computer, pages freezing
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - humming fan, slowed-down computer, pages freezing
Hi,
the fan has calmed down completely, so that's OK. Only the pages still load a bit more slowly... basically the text appears immediately, but the images take some two or three seconds to load. Or when a page is long and I scroll down quickly, half of it stays grey for maybe two seconds and renders quite slowly, so it is rather unpleasant. Otherwise everything is fine.
- jaro3
- Security team member
Re: Please check my log - humming fan, slowed-down computer, pages freezing
Download CrystalDiskInfo
Run the program and click Edit-Copy (Úpravy-Kopírovat). Then paste the contents of the log here with Ctrl+V.
Please download the version of the program that matches your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs, FRST.txt and Addition.txt, will appear and be saved on the desktop. Please copy their entire contents here.
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
Re: Please check my log - humming fan, slowed-down computer, freezing pages
----------------------------------------------------------------------------
CrystalDiskInfo 8.0.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2019/05/29 22:21:58
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Řadič SATA AMD [ATA]
- ST1000LM014-1EJ1 SATA Disk Device
- hp DVDRAM GU90N SATA CdRom Device
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM014-1EJ164-SSHD : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM014-1EJ164-SSHD
----------------------------------------------------------------------------
Model : ST1000LM014-1EJ164-SSHD
Firmware : HPM6
Serial Number : W382GMEJ
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 13053 hod.
Power On Count : 3115 krát
Temperature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 __6 00000D799320 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _97 _97 __0 000000000C28 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _83 _60 _30 00010DC727CF Počet chybných hledání
09 _86 _86 __0 0000000032FD Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 000000000C2B Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _60 _44 _45 000228190028 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000005D Počet vypnutí disku
C1 _66 _66 __0 000000010A3D Počet cyklů načítání/vymazání
C2 _40 _56 __0 001400000028 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu
Re: Please check my log - humming fan, slowed-down computer, freezing pages
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05.2019
Ran by TomikCR (29-05-2019 22:24:23)
Running from C:\Users\TomikCR\Desktop
Windows 8.1 (Update) (X64) (2014-10-27 13:40:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1268798374-1140181337-1142225549-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1268798374-1140181337-1142225549-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1268798374-1140181337-1142225549-1004 - Limited - Enabled)
TomikCR (S-1-5-21-1268798374-1140181337-1142225549-1002 - Administrator - Enabled) => C:\Users\TomikCR
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Asoftech Data Recovery (HKLM-x32\...\{1AED6EB7-8FEA-4021-B8FD-EBAA6B21679F}) (Version: 1.00 - )
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - Název společnosti:) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5009 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - Název společnosti:) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DummyInstaller (HKLM-x32\...\{E2210743-20C9-48E3-BA03-B1E39772E662}) (Version: 1.0.0 - Microsoft)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Free Video Cutter 1.3 (HKLM-x32\...\FreeVideoCutter) (Version: - Tomatosoft)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Glary Duplicate Cleaner 5.0.1.20 (HKLM-x32\...\Glary Duplicate Cleaner) (Version: 5.0.1.20 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{9D7BFF2A-F810-4E35-BE2C-A6CB4B9202DB}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.39 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{A0310A3B-73AB-4E81-ABB6-8D4CEF8C0AA6}) (Version: 12.10.49.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.39 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.39 - Softex Inc.) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LG United Mobile Drivers (HKLM-x32\...\{73EAAF2F-9A69-409B-832F-2DCD0371CD44}) (Version: 3.11.3.0 - LG Electronics)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Název společnosti:)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Název společnosti:) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.38.25027 - Electronic Arts, Inc.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.24 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.38 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
RogueKiller version 13.2.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.2.1.0 - Adlice Software)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Splinter Cell Conviction (HKLM-x32\...\Uplay Install 2) (Version: - Ubisoft)
SRWare Iron verze 66.0.3450.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 66.0.3450.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XLS Reader (HKLM-x32\...\{30D6D257-BE4B-48F2-8D9E-E787A52A0738}_is1) (Version: 1.0 - )
Zemana AntiMalware verze 3.1.210 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.210 - Zemana)
Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2017-12-07] (Box, Inc.)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2017-12-07] (Hewlett-Packard Company)
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-03] (.-McAfee Inc-.)
Prima PLAY -> C:\Program Files\WindowsApps\PrimaOn-line.PrimaPLAY_1.0.0.11_x64__v0phzxb1wbfgp [2017-12-07] (Prima On-line)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-12-07] (Microsoft Corporation)
Výběr prohlížeče -> C:\Windows\BrowserChoice [2014-10-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-14] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-14] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-01-30 19:07 - 2015-01-30 19:07 - 002169344 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2015-01-30 19:09 - 2015-01-30 19:09 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-30 19:05 - 2015-01-30 19:05 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2015-01-30 19:05 - 2015-01-30 19:05 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2015-01-30 19:06 - 2015-01-30 19:06 - 000715264 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-10-07 07:13 - 2014-10-07 07:13 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-10-07 07:04 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp. ) [File not signed] C:\Windows\system32\Rtlihvs.dll
2019-05-16 23:27 - 2017-12-22 00:15 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-05-16 23:27 - 2017-12-22 00:15 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-05-16 23:27 - 2018-04-10 16:01 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\TomikCR:Heroes & Generals [38]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 4768 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-05-27 20:14 - 2019-05-27 20:14 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-02-20 19:50 - 2019-05-29 18:08 - 000000402 _____ C:\Windows\system32\drivers\etc\hosts.ics
188.175.77.153 Notebook-Tom�
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 94.74.192.252 - 94.74.192.244
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "CCleaner Monitoring"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "CCleaner Monitoring"
HKLM\...\StartupApproved\Run32: => "Steam"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1CC34E28-E6C3-4711-9B47-D8EAD2CBCEA5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9BA61F3C-C2C8-4054-9168-35ECE97EE20C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6D885129-B6D9-4ECB-91D4-AD966BD89099}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8C7B268B-3BFF-494F-B644-B2099B5B2E59}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{B36222F1-0222-4BFD-A2F0-2F33A0C21900}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E68BA144-7CD2-4E62-8A1E-546787B35C64}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7614C90A-4AFA-4ADA-8636-46988E56B843}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{73465108-B366-494D-9CE4-E1790F6DB230}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{46D02ECA-7F70-4628-B481-1559B37FEAF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{53F70477-B064-4A71-AFC4-D258D3D2B9C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{073C541A-8F21-4128-97EE-5B4D2AAECD9F}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{5F0FE4F5-3BEB-428F-9242-2A3D9E8F28DD}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{60BDCEBA-C904-4645-A721-D73955C84B83}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C1FA443D-BEA6-4910-9541-179C82298979}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{47AA6F04-B56C-4E51-A30E-518C1BF30A32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{692EBF71-F9F4-4C8B-8EEB-9FDED0E20070}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F84D609A-0B14-4C13-AC73-7905CBF27163}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0959806F-1C68-4E6A-B41E-7D0F3173E088}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{5E7846A6-6E66-4CE2-99DD-7EC34415A395}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9FC260E1-61E6-49DB-84C6-D6545E69FC41}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{627D54CE-5120-4BAD-AB02-176DC8A5309A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{BF6D9EB9-E902-4061-94D5-31A205C25313}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{86A4BDC1-8387-49B0-BC5B-E1BC7C939C3C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{266C9AFE-147A-4B45-9FC4-890F6ED2B69B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4E74BF82-92A6-4B11-9E9D-8E6FD22E5325}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{D6680FE9-B4AB-4E18-B458-28C0C7012DB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{FDED86D2-584F-428E-97CD-73709B9D0FB9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7A19DD6E-504C-42A6-AFDC-ECB485EBEB54}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9C27559B-2275-4197-BDE8-43220765AAD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{BB4BF445-99C3-49DB-8B69-9474AF762A1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{4F1BA0D9-0A72-4D32-AE5D-AF47A05F4911}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37A2BC21-31AB-43F6-9491-99F2D939EEA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{69EC0605-925B-417D-A499-DBD6510B606C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [{9061CD86-F8DB-4B68-B3C7-5D81D7D9D72A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [{7CE032A4-61F1-416F-9B95-BEEF73471C2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{DF5CC741-2046-4D0B-851D-6C223D8AB330}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [TCP Query User{05309AE3-DC54-400C-9928-FCDF471FEE0A}C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{115DDC04-8D88-4A68-ACC4-5DDBE5888403}C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{186EC5C2-0784-4BC6-AFAE-BBB8675B6E5F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{AE9FF3DB-0E1D-4E28-A5C3-0FE42067EBD8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{9F3AD359-2093-4F9E-80CC-8E7783A32B9D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{ACDF59EE-BFE4-484F-9191-90DDBB2502D2}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{E9D01CC9-666C-49D2-A12B-637C4F95BF7F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{1D4B9D9F-EA76-44B7-99EC-337AF4F1D137}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{DF622A73-8EBF-4756-A660-097AAC1B4635}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\WarfaceMycomSteamLoader.exe (my.com .BV -> MY.COM B.V.)
FirewallRules: [{4536DBB5-B147-45B2-A2F0-EBBDDE8013C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\WarfaceMycomSteamLoader.exe (my.com .BV -> MY.COM B.V.)
FirewallRules: [TCP Query User{574D986B-805E-4B81-9D0F-552CBF5A7A90}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{7D5EEF70-0C79-4BDD-857F-331494E4580C}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (Mail.Ru, LLC -> )
FirewallRules: [{9A33CA2F-5E1F-43EA-862F-1178CF153423}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DAC7188F-784F-4FF1-BCC1-32BD3CD55AA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{D2A7E6F5-66BF-4A06-8434-523326665DBF}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{D423CBAE-33E1-4963-A346-FCAB90330724}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{D84C10A5-12FA-496B-8B99-7FA0D1ECD198}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Psi Project Legacy\PSI PROJECT LEGACY.exe () [File not signed]
FirewallRules: [{F8063F35-3F26-45DF-BF77-F80A719024A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Psi Project Legacy\PSI PROJECT LEGACY.exe () [File not signed]
FirewallRules: [{09AA2C6F-5F4D-4D86-9D51-F0F447915758}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mumps\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{5754CA55-9824-44D3-A4A5-24E0BC05502D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mumps\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{D0C32D11-A332-4E4D-84B3-A49FE199F9B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe (Valve Corp. -> )
FirewallRules: [{C9FAB298-AFB1-4A6F-A6BA-CD6C74D705E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe (Valve Corp. -> )
FirewallRules: [{FA5158E2-A14C-4C82-AC2A-E81671B4903D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> )
FirewallRules: [{25B03860-6CE9-4497-9499-E912A867042B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{2EAB1902-2E54-46F4-9CCB-5CD84CD94D1E}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{94C8B6F6-AAD4-4136-8158-B5B375BBC870}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{DBAE770F-BEF2-4A12-9AE9-FA126A012267}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Conviction\src\system\Conviction_game.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{DB858070-7DC0-4CFF-A4AB-ABED4811BEF6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Conviction\src\system\Conviction_game.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{1B274286-DC7C-494E-8B4F-228156F7A182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{0968915E-C9E2-4356-BF4C-23F4FA2995C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{92CC7308-332C-4A85-9415-FE3ACE9095C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe (Bulkhead Interactive) [File not signed]
FirewallRules: [{35311A43-F6F4-41BA-8A03-C543C8EA8A5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe (Bulkhead Interactive) [File not signed]
FirewallRules: [{6174B5C2-ECEC-4F53-B605-9C940B0AB125}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{3C6B07A5-0FFA-47DF-BD4C-C4A25D70A70D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{88E36055-0441-42CF-9D08-E2E8684F05C1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{2D7215B7-3424-418C-A4C7-71F08CA459DE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E2AFC978-F0CB-42AB-9563-CD0FC7DA5466}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{40AB49F5-FD91-4342-81B3-AF3623379577}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EC7E9684-746E-4D6E-A740-ECCFBCB9E32F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A23CF9B2-8D66-4131-B59D-211EBBDF0FDD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{69A0B5C9-932E-41BA-B8E6-D02621048179}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2C7BE513-7021-4504-B358-EB5B6266A6F3}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe (Electronic Arts -> Danger Close Games)
FirewallRules: [{1DA81555-8574-4F05-852B-892A891B41AF}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe (Electronic Arts -> Danger Close Games)
FirewallRules: [{5662E037-4296-465D-88F9-97C9051853B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
12-05-2019 14:25:42 Naplánovaný kontrolní bod
15-05-2019 18:57:48 Windows Update
18-05-2019 20:50:39 Installed Samsung Kies
20-05-2019 22:27:43 Installed HP Support Assistant
26-05-2019 18:42:35 JRT Pre-Junkware Removal
27-05-2019 20:13:20 zoek.exe restore point
Ran by TomikCR (29-05-2019 22:24:23)
Running from C:\Users\TomikCR\Desktop
Windows 8.1 (Update) (X64) (2014-10-27 13:40:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1268798374-1140181337-1142225549-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1268798374-1140181337-1142225549-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1268798374-1140181337-1142225549-1004 - Limited - Enabled)
TomikCR (S-1-5-21-1268798374-1140181337-1142225549-1002 - Administrator - Enabled) => C:\Users\TomikCR
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Asoftech Data Recovery (HKLM-x32\...\{1AED6EB7-8FEA-4021-B8FD-EBAA6B21679F}) (Version: 1.00 - )
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - Název společnosti:) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5009 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - Název společnosti:) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DummyInstaller (HKLM-x32\...\{E2210743-20C9-48E3-BA03-B1E39772E662}) (Version: 1.0.0 - Microsoft)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Free Video Cutter 1.3 (HKLM-x32\...\FreeVideoCutter) (Version: - Tomatosoft)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Glary Duplicate Cleaner 5.0.1.20 (HKLM-x32\...\Glary Duplicate Cleaner) (Version: 5.0.1.20 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{9D7BFF2A-F810-4E35-BE2C-A6CB4B9202DB}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.39 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{A0310A3B-73AB-4E81-ABB6-8D4CEF8C0AA6}) (Version: 12.10.49.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.39 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.39 - Softex Inc.) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LG United Mobile Drivers (HKLM-x32\...\{73EAAF2F-9A69-409B-832F-2DCD0371CD44}) (Version: 3.11.3.0 - LG Electronics)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Název společnosti:)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Název společnosti:) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.38.25027 - Electronic Arts, Inc.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.24 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.38 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
RogueKiller version 13.2.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.2.1.0 - Adlice Software)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Splinter Cell Conviction (HKLM-x32\...\Uplay Install 2) (Version: - Ubisoft)
SRWare Iron verze 66.0.3450.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 66.0.3450.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XLS Reader (HKLM-x32\...\{30D6D257-BE4B-48F2-8D9E-E787A52A0738}_is1) (Version: 1.0 - )
Zemana AntiMalware verze 3.1.210 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.210 - Zemana)
Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2017-12-07] (Box, Inc.)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2017-12-07] (Hewlett-Packard Company)
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-03] (.-McAfee Inc-.)
Prima PLAY -> C:\Program Files\WindowsApps\PrimaOn-line.PrimaPLAY_1.0.0.11_x64__v0phzxb1wbfgp [2017-12-07] (Prima On-line)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-12-07] (Microsoft Corporation)
Výběr prohlížeče -> C:\Windows\BrowserChoice [2014-10-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-14] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-14] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-01-30 19:07 - 2015-01-30 19:07 - 002169344 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2015-01-30 19:09 - 2015-01-30 19:09 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-30 19:05 - 2015-01-30 19:05 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2015-01-30 19:05 - 2015-01-30 19:05 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2015-01-30 19:06 - 2015-01-30 19:06 - 000715264 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-10-07 07:13 - 2014-10-07 07:13 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-10-07 07:04 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp. ) [File not signed] C:\Windows\system32\Rtlihvs.dll
2019-05-16 23:27 - 2017-12-22 00:15 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-05-16 23:27 - 2017-12-22 00:15 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-05-16 23:27 - 2018-04-10 16:01 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-16 23:27 - 2018-04-10 16:02 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\TomikCR:Heroes & Generals [38]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 4768 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-05-27 20:14 - 2019-05-27 20:14 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-02-20 19:50 - 2019-05-29 18:08 - 000000402 _____ C:\Windows\system32\drivers\etc\hosts.ics
188.175.77.153 Notebook-Tom�
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 94.74.192.252 - 94.74.192.244
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "CCleaner Monitoring"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "CCleaner Monitoring"
HKLM\...\StartupApproved\Run32: => "Steam"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1CC34E28-E6C3-4711-9B47-D8EAD2CBCEA5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9BA61F3C-C2C8-4054-9168-35ECE97EE20C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6D885129-B6D9-4ECB-91D4-AD966BD89099}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8C7B268B-3BFF-494F-B644-B2099B5B2E59}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{B36222F1-0222-4BFD-A2F0-2F33A0C21900}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E68BA144-7CD2-4E62-8A1E-546787B35C64}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7614C90A-4AFA-4ADA-8636-46988E56B843}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{73465108-B366-494D-9CE4-E1790F6DB230}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{46D02ECA-7F70-4628-B481-1559B37FEAF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{53F70477-B064-4A71-AFC4-D258D3D2B9C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{073C541A-8F21-4128-97EE-5B4D2AAECD9F}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{5F0FE4F5-3BEB-428F-9242-2A3D9E8F28DD}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{60BDCEBA-C904-4645-A721-D73955C84B83}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C1FA443D-BEA6-4910-9541-179C82298979}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{47AA6F04-B56C-4E51-A30E-518C1BF30A32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{692EBF71-F9F4-4C8B-8EEB-9FDED0E20070}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F84D609A-0B14-4C13-AC73-7905CBF27163}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0959806F-1C68-4E6A-B41E-7D0F3173E088}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{5E7846A6-6E66-4CE2-99DD-7EC34415A395}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9FC260E1-61E6-49DB-84C6-D6545E69FC41}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{627D54CE-5120-4BAD-AB02-176DC8A5309A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{BF6D9EB9-E902-4061-94D5-31A205C25313}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{86A4BDC1-8387-49B0-BC5B-E1BC7C939C3C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{266C9AFE-147A-4B45-9FC4-890F6ED2B69B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4E74BF82-92A6-4B11-9E9D-8E6FD22E5325}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{D6680FE9-B4AB-4E18-B458-28C0C7012DB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{FDED86D2-584F-428E-97CD-73709B9D0FB9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7A19DD6E-504C-42A6-AFDC-ECB485EBEB54}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9C27559B-2275-4197-BDE8-43220765AAD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{BB4BF445-99C3-49DB-8B69-9474AF762A1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{4F1BA0D9-0A72-4D32-AE5D-AF47A05F4911}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37A2BC21-31AB-43F6-9491-99F2D939EEA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{69EC0605-925B-417D-A499-DBD6510B606C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [{9061CD86-F8DB-4B68-B3C7-5D81D7D9D72A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [{7CE032A4-61F1-416F-9B95-BEEF73471C2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{DF5CC741-2046-4D0B-851D-6C223D8AB330}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [TCP Query User{05309AE3-DC54-400C-9928-FCDF471FEE0A}C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{115DDC04-8D88-4A68-ACC4-5DDBE5888403}C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{186EC5C2-0784-4BC6-AFAE-BBB8675B6E5F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{AE9FF3DB-0E1D-4E28-A5C3-0FE42067EBD8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{9F3AD359-2093-4F9E-80CC-8E7783A32B9D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{ACDF59EE-BFE4-484F-9191-90DDBB2502D2}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{E9D01CC9-666C-49D2-A12B-637C4F95BF7F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{1D4B9D9F-EA76-44B7-99EC-337AF4F1D137}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{DF622A73-8EBF-4756-A660-097AAC1B4635}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\WarfaceMycomSteamLoader.exe (my.com .BV -> MY.COM B.V.)
FirewallRules: [{4536DBB5-B147-45B2-A2F0-EBBDDE8013C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\WarfaceMycomSteamLoader.exe (my.com .BV -> MY.COM B.V.)
FirewallRules: [TCP Query User{574D986B-805E-4B81-9D0F-552CBF5A7A90}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{7D5EEF70-0C79-4BDD-857F-331494E4580C}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (Mail.Ru, LLC -> )
FirewallRules: [{9A33CA2F-5E1F-43EA-862F-1178CF153423}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DAC7188F-784F-4FF1-BCC1-32BD3CD55AA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{D2A7E6F5-66BF-4A06-8434-523326665DBF}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{D423CBAE-33E1-4963-A346-FCAB90330724}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{D84C10A5-12FA-496B-8B99-7FA0D1ECD198}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Psi Project Legacy\PSI PROJECT LEGACY.exe () [File not signed]
FirewallRules: [{F8063F35-3F26-45DF-BF77-F80A719024A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Psi Project Legacy\PSI PROJECT LEGACY.exe () [File not signed]
FirewallRules: [{09AA2C6F-5F4D-4D86-9D51-F0F447915758}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mumps\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{5754CA55-9824-44D3-A4A5-24E0BC05502D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mumps\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{D0C32D11-A332-4E4D-84B3-A49FE199F9B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe (Valve Corp. -> )
FirewallRules: [{C9FAB298-AFB1-4A6F-A6BA-CD6C74D705E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe (Valve Corp. -> )
FirewallRules: [{FA5158E2-A14C-4C82-AC2A-E81671B4903D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> )
FirewallRules: [{25B03860-6CE9-4497-9499-E912A867042B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{2EAB1902-2E54-46F4-9CCB-5CD84CD94D1E}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{94C8B6F6-AAD4-4136-8158-B5B375BBC870}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{DBAE770F-BEF2-4A12-9AE9-FA126A012267}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Conviction\src\system\Conviction_game.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{DB858070-7DC0-4CFF-A4AB-ABED4811BEF6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Conviction\src\system\Conviction_game.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{1B274286-DC7C-494E-8B4F-228156F7A182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{0968915E-C9E2-4356-BF4C-23F4FA2995C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{92CC7308-332C-4A85-9415-FE3ACE9095C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe (Bulkhead Interactive) [File not signed]
FirewallRules: [{35311A43-F6F4-41BA-8A03-C543C8EA8A5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe (Bulkhead Interactive) [File not signed]
FirewallRules: [{6174B5C2-ECEC-4F53-B605-9C940B0AB125}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{3C6B07A5-0FFA-47DF-BD4C-C4A25D70A70D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{88E36055-0441-42CF-9D08-E2E8684F05C1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{2D7215B7-3424-418C-A4C7-71F08CA459DE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E2AFC978-F0CB-42AB-9563-CD0FC7DA5466}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{40AB49F5-FD91-4342-81B3-AF3623379577}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EC7E9684-746E-4D6E-A740-ECCFBCB9E32F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A23CF9B2-8D66-4131-B59D-211EBBDF0FDD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{69A0B5C9-932E-41BA-B8E6-D02621048179}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2C7BE513-7021-4504-B358-EB5B6266A6F3}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe (Electronic Arts -> Danger Close Games)
FirewallRules: [{1DA81555-8574-4F05-852B-892A891B41AF}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe (Electronic Arts -> Danger Close Games)
FirewallRules: [{5662E037-4296-465D-88F9-97C9051853B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
12-05-2019 14:25:42 Naplánovaný kontrolní bod
15-05-2019 18:57:48 Windows Update
18-05-2019 20:50:39 Installed Samsung Kies
20-05-2019 22:27:43 Installed HP Support Assistant
26-05-2019 18:42:35 JRT Pre-Junkware Removal
27-05-2019 20:13:20 zoek.exe restore point
Re: Please check my log - humming fan, slow computer, pages freezing
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/27/2019 08:45:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (05/27/2019 08:13:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.19358, časové razítko: 0x5ccfa112
Kód výjimky: 0xe0434352
Posun chyby: 0x00000000000085bc
ID chybujícího procesu: 0xc74
Čas spuštění chybující aplikace: 0x01d514b7f0f1a45e
Cesta k chybující aplikaci: C:\Users\TomikCR\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 2fabe491-80ab-11e9-8337-8cdcd48d65de
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/27/2019 08:13:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])
Error: (05/20/2019 11:45:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HPPerformanceTuneup.exe, verze: 1.0.5.1, časové razítko: 0x5ad0d16c
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.19358, časové razítko: 0x5ccf981a
Kód výjimky: 0xe0434352
Posun chyby: 0x00013ce8
ID chybujícího procesu: 0x1364
Čas spuštění chybující aplikace: 0x01d50f4c1e205e9b
Cesta k chybující aplikaci: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPerformanceTuneup\HPPerformanceTuneup.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\KERNELBASE.dll
ID zprávy: 92e286d2-7b48-11e9-8336-8cdcd48d65de
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/20/2019 11:45:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: HPPerformanceTuneup.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.DirectoryNotFoundException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
na System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32)
na System.Xml.XmlDownloadManager.GetStream(System.Uri, System.Net.ICredentials, System.Net.IWebProxy, System.Net.Cache.RequestCachePolicy)
na System.Xml.XmlUrlResolver.GetEntity(System.Uri, System.String, System.Type)
na System.Xml.XmlTextReaderImpl.OpenUrlDelegate(System.Object)
na System.Threading.CompressedStack.runTryCode(System.Object)
na System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
na System.Threading.CompressedStack.Run(System.Threading.CompressedStack, System.Threading.ContextCallback, System.Object)
na System.Xml.XmlTextReaderImpl.OpenUrl()
na System.Xml.XmlTextReaderImpl.Read()
na System.Xml.XmlTextReader.Read()
na HPPTU.Model.HPPTUXMLLogging.ReadXML(Int32)
na HPPTU.ViewModel.MainWindowVM.OnPerformanceActionsComplete()
na HPPTU.ViewModel.MainWindowVM.ExecutePerformanceActions(System.Collections.Generic.List`1<Int32>)
na HPPTU.ViewModel.MainWindowVM+<>c__DisplayClass243_0.<ExecuteOptimization>b__0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (05/20/2019 10:29:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19358_none_6244092fecba36f7.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19358_none_a9f1400701365ffd.manifest.
Error: (05/20/2019 10:09:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19358_none_6244092fecba36f7.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19358_none_a9f1400701365ffd.manifest.
Error: (05/18/2019 10:42:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19358_none_6244092fecba36f7.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19358_none_a9f1400701365ffd.manifest.
System errors:
=============
Error: (05/29/2019 10:03:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače ROUTER,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{CA7B9554-2C11-424B-BDEE-2333473482ED}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.
Error: (05/29/2019 09:54:00 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 188.175.77.153.
Počítač s IP adresou 188.175.77.190 nepovolil získání názvu
tímto počítačem.
Error: (05/29/2019 06:26:48 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Tomáš)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/29/2019 06:26:18 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Tomáš)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/29/2019 06:20:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače ROUTER,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{CA7B9554-2C11-424B-BDEE-2333473482ED}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.
Error: (05/29/2019 06:08:58 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: Přidělování DHCP bylo automaticky vypnuto u IP adresy 188.175.77.153, protože tato adresa nepatří do oboru 192.168.137.0/255.255.255.0, ze kterého jsou přidělovány adresy klientům DHCP. Chcete-li přidělování DHCP u této IP adresy zapnout, změňte obor tak, aby tuto IP adresu zahrnoval, nebo změňte IP adresu tak, aby patřila do oboru.
Error: (05/29/2019 06:08:58 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.
Error: (05/29/2019 09:33:15 AM) (Source: DCOM) (EventID: 10010) (User: Notebook-Tomáš)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-05-29 22:15:58.232
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\TomikCR\Downloads\CrystalDiskInfo8_0_0.exe;webfile:_C:\Users\TomikCR\Downloads\CrystalDiskInfo8_0_0.exe|https://ftp.stahuj.cz/dl/4310c2add379edefb9cfd5264afe9736/5ceee875/stahuj/download/software/secured/lista/c/crystaldiskinfo/800/instalace/CrystalDiskInfo8_0_0.exe|chrome.exe
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: Notebook-Tomáš\TomikCR
Název procesu: Unknown
Verze podpisu: AV: 1.293.2505.0, AS: 1.293.2505.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.15900.4, NIS: 2.1.14600.4
Date: 2019-05-29 22:14:25.528
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\TomikCR\Downloads\CrystalDiskInfo8_0_0.exe;webfile:_C:\Users\TomikCR\Downloads\CrystalDiskInfo8_0_0.exe|https://ftp.stahuj.cz/dl/398eb95da4a4f28e4cf5ebe86db33554/5ceee7f4/stahuj/download/software/secured/lista/c/crystaldiskinfo/800/instalace/CrystalDiskInfo8_0_0.exe|chrome.exe
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: Notebook-Tomáš\TomikCR
Název procesu: Unknown
Verze podpisu: AV: 1.293.2505.0, AS: 1.293.2505.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.15900.4, NIS: 2.1.14600.4
Date: 2019-05-29 18:28:09.154
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A5E3527A-83BC-45AF-83EE-9634E11BAAB0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-28 18:06:20.631
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CDF0CD02-4AD0-4986-B6C3-6F43EED81A0B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-26 12:03:04.135
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D6EAC0FF-92F7-4365-898B-BE0C2694EBD3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-18 18:22:37.248
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.1804.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:37.247
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.1804.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:36.372
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:36.371
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:24.875
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.1804.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2019-05-29 22:15:58.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:15:57.654
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:42.566
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:41.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:25.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:24.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-27 21:29:16.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-27 21:29:15.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F.43 08/19/2015
Motherboard: Hewlett-Packard 22C8
Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 7364.65 MB
Available physical RAM: 4921.93 MB
Total Virtual: 8516.65 MB
Available Virtual: 5568.98 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:911.85 GB) (Free:475.86 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.64 GB) (Free:2.03 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{ad6ee12d-bb7d-4b6d-93b7-c712da00adee}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9EF76B68)
Partition: GPT.
==================== End of Addition.txt ============================
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:36.372
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:36.371
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2019-05-18 18:22:24.875
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.1804.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2019-05-29 22:15:58.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:15:57.654
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:42.566
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:41.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:25.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-29 22:14:24.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-27 21:29:16.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-05-27 21:29:15.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F.43 08/19/2015
Motherboard: Hewlett-Packard 22C8
Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 7364.65 MB
Available physical RAM: 4921.93 MB
Total Virtual: 8516.65 MB
Available Virtual: 5568.98 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:911.85 GB) (Free:475.86 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.64 GB) (Free:2.03 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{ad6ee12d-bb7d-4b6d-93b7-c712da00adee}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9EF76B68)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Please check my log - humming fan, slowed-down computer, freezing pages
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05.2019
Ran by TomikCR (administrator) on NOTEBOOK-TOMÁŠ (Hewlett-Packard HP Pavilion 17 Notebook PC) (29-05-2019 22:23:14)
Running from C:\Users\TomikCR\Desktop
Loaded Profiles: TomikCR (Available Profiles: TomikCR & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-09] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {24684548-5eda-11e9-8332-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {32cface4-3fdb-11e7-82ef-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {3b3586ed-7537-11e6-82d9-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {54023be7-c9cd-11e6-82e6-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {95276210-179b-11e6-82bc-1008b1bf986d} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {9762049a-c2a9-11e8-8322-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {a8a90f1d-db81-11e7-8304-8cdcd48d65de} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {cbf5fe95-cc84-11e7-82fa-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [8704 2015-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2015-02-11] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-06-17] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-06-17] (Softex Inc..) [File not signed]
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {15476C8F-7F03-472E-A71A-CD0472D08335} - System32\Tasks\HPCeeScheduleForTomikCR => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-10] (HP Inc. -> HP Inc.)
Task: {283D2A9A-F89F-4E92-ADC2-DD989A25ED52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {2B02CD5C-3E02-46E2-A2C9-05B510153E9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBBD6CD-5DC3-4FCE-A02E-33C8076224C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {30281118-E353-486D-8A52-256D2D27BACF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {573A7084-0EB5-4DD5-9621-6819C057C1F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {57C0E038-3E34-409D-8A13-2F3EA779B1A8} - System32\Tasks\{E6743BB5-36A4-49E9-B760-267A588ADE9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe" -d "C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM"
Task: {682CB63B-D981-4355-93D4-3B00D19227EF} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [33971256 2019-05-22] (Adlice -> )
Task: {727362ED-C4BE-4A70-A7B7-65646D17FFE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {7F7C49BD-261C-478D-AE8D-6F808681C640} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {83BBB0E6-4DF9-497B-97D6-ADA6813D075A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-12-10] (HP Inc. -> HP Inc.)
Task: {8688CCB1-F1FD-4C81-A9AC-77699DA76766} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {90731782-F4C9-44C9-BFD5-F4E43B7A7A8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {91DEED0C-445C-45B8-B9BA-CBBB13D1E226} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {9CB5519C-3D43-4D66-BC67-E1A5D5686675} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [644672 2019-05-23] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {AA9477E9-1BCA-490D-9548-90EB2699C957} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {C34ED864-A768-4973-BB3A-49E31D39BD4A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-12-10] (HP Inc. -> HP Inc.)
Task: {CDA0672E-50FC-413D-B032-F0039DCD3E69} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {CECE2209-52EB-4108-9D31-D0AAD9E48FE1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {CF0ECF08-88FD-4197-A3B1-07E66876D06B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd -> Piriform Ltd)
Task: {E0C030CA-93E1-4787-BF2E-4A5EA2F5D6F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
Task: {E46C7B2C-F629-493C-A1AC-2D71D30FF4E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
Task: {EF7DE7F1-7EB9-44E9-9993-A6B635E2AD1C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F25B6E50-6977-4B69-8E4D-7514E713EE4F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2015-02-11] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForTomikCR.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{3B776279-A1B9-454D-B794-1DA754DDAFAC}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{CA7B9554-2C11-424B-BDEE-2333473482ED}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2018-12-10] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2018-12-10] (HP Inc. -> HP Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: d1xemxoz.default
FF ProfilePath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\d1xemxoz.default [2019-05-27]
FF Homepage: Mozilla\Firefox\Profiles\d1xemxoz.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\d1xemxoz.default -> about:newtab
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-06-17] [Legacy] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1268798374-1140181337-1142225549-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2019-01-28] (Ubisoft Entertainment Sweden AB -> )
Chrome:
=======
CHR HomePage: Default -> hxxp://www.parlamentnilisty.cz/
CHR Profile: C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default [2019-05-29]
CHR Extension: (Prezentace) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-27]
CHR Extension: (Dokumenty) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-27]
CHR Extension: (Disk Google) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-27]
CHR Extension: (YouTube) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-27]
CHR Extension: (Tabulky) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-05-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-27]
CHR Extension: (Gmail) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-04] (BattlEye Innovations e.K. -> )
S3 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-02-10] (Mail.Ru Games LLC -> LLC Mail.Ru)
S3 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175216 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-02-24] (Even Balance, Inc. -> )
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [53424 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2019-05-27] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus.sys [20992 2016-07-12] (Shenzhen Wondershare Information Technology Co., Ltd. -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Scan; C:\Windows\system32\DRIVERS\Dot4Scan.sys [19872 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40624 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-13] (Martin Malik - REALiX -> REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-29] (Malwarebytes Corporation -> Malwarebytes)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [7238880 2018-02-10] (Mail.Ru Games LLC -> LLC Mail.Ru)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [243712 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [580824 2014-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6393856 2016-12-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2017-12-19] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-05-27] (Adlice -> )
R3 usbfilter; C:\Windows\system32\DRIVERS\usbfilter.sys [60640 2014-02-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
S3 cpuz138; \??\C:\Users\TomikCR\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [X]
S3 SmbDrv; \SystemRoot\system32\DRIVERS\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\System32\drivers\Smb_driver_Intel.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-29 22:23 - 2019-05-29 22:23 - 000028713 _____ C:\Users\TomikCR\Desktop\FRST.txt
2019-05-29 22:23 - 2019-05-29 22:23 - 000000000 ____D C:\FRST
2019-05-29 22:20 - 2019-05-29 22:20 - 000001231 _____ C:\Users\TomikCR\Desktop\CrystalDiskInfo.lnk
2019-05-29 22:20 - 2019-05-29 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-05-29 22:19 - 2019-05-29 22:19 - 015347688 _____ C:\Users\TomikCR\Desktop\CRYSTALDISKINFO8_0_0.EXE
2019-05-29 22:18 - 2019-05-29 22:18 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-29 22:14 - 2019-05-29 22:14 - 002435584 _____ (Farbar) C:\Users\TomikCR\Desktop\FRST64.exe
2019-05-27 21:28 - 2019-05-29 22:23 - 001876800 _____ C:\Windows\ZAM.krnl.trace
2019-05-27 21:28 - 2019-05-27 21:36 - 000000000 ____D C:\Users\TomikCR\AppData\Local\AMSDK
2019-05-27 21:28 - 2019-05-27 21:28 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2019-05-27 21:28 - 2019-05-27 21:28 - 000003478 _____ C:\Windows\System32\Tasks\AMHelper
2019-05-27 21:28 - 2019-05-27 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-05-27 21:28 - 2019-05-27 21:28 - 000000000 ____D C:\Program Files (x86)\Zemana
2019-05-27 20:41 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-05-27 20:09 - 2019-05-27 20:35 - 000000000 ____D C:\zoek_backup
2019-05-27 19:37 - 2019-05-27 19:37 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-05-27 00:39 - 2019-05-27 20:43 - 000003028 _____ C:\Windows\System32\Tasks\RogueKiller Anti-Malware
2019-05-27 00:39 - 2019-05-27 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-05-27 00:39 - 2019-05-27 00:39 - 000000000 ____D C:\Program Files\RogueKiller
2019-05-26 18:48 - 2017-12-03 20:58 - 000002841 _____ C:\Users\TomikCR\Documents\Sophos Virus Removal Tool.lnk
2019-05-26 01:08 - 2019-05-26 01:08 - 000129770 _____ C:\Users\TomikCR\Desktop\Fantasia, EM953.pdf
2019-05-24 23:42 - 2019-05-24 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-24 23:42 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-24 23:41 - 2019-05-24 23:41 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-21 23:18 - 2019-05-21 23:27 - 000000000 ____D C:\Users\TomikCR\Desktop\rozpisy
2019-05-21 22:28 - 2019-05-21 22:28 - 000000000 ____D C:\Users\TomikCR\AppData\Local\CEF
2019-05-21 18:52 - 2019-05-21 18:52 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-05-21 00:55 - 2019-05-21 00:55 - 000080516 _____ C:\Users\TomikCR\Desktop\BarriosPreludeCminor.pdf
2019-05-20 23:45 - 2019-05-27 20:13 - 000000000 ____D C:\Users\TomikCR\AppData\Local\CrashDumps
2019-05-20 23:44 - 2019-05-24 23:44 - 000003188 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTomikCR
2019-05-20 23:44 - 2019-05-24 23:44 - 000000370 _____ C:\Windows\Tasks\HPCeeScheduleForTomikCR.job
2019-05-20 23:44 - 2019-05-20 23:44 - 000000000 ____D C:\Users\TomikCR\AppData\Local\HP_Inc
2019-05-20 22:29 - 2019-05-20 22:29 - 000002254 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-05-20 22:12 - 2019-05-20 22:12 - 007025360 _____ (Malwarebytes) C:\Users\TomikCR\Desktop\adwcleaner_7.3.exe
2019-05-20 22:11 - 2019-05-20 22:11 - 000000000 ____D C:\Users\TomikCR\AppData\Local\CyberLink
2019-05-18 22:39 - 2019-05-18 22:39 - 000000000 ____D C:\Users\TomikCR\Documents\SideSync
2019-05-18 22:19 - 2019-05-18 22:19 - 000000000 ____D C:\Program Files\Samsung
2019-05-18 21:46 - 2019-05-18 21:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2019-05-18 21:10 - 2019-05-18 21:13 - 000000000 ____D C:\Users\TomikCR\Desktop\Mamka - Samsung
2019-05-18 20:58 - 2016-07-22 09:21 - 000015872 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ss_wh.sys
2019-05-18 20:58 - 2016-07-22 09:21 - 000015360 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ss_cm.sys
2019-05-18 20:55 - 2019-05-18 20:55 - 000002029 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2019-05-18 20:55 - 2019-05-18 20:55 - 000002019 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\TomikCR\Documents\samsung
2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\TomikCR\AppData\Local\Samsung
2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2019-05-18 20:54 - 2019-05-20 23:58 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\Samsung
2019-05-18 20:52 - 2019-05-20 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-05-18 20:51 - 2019-05-21 00:01 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-05-18 20:51 - 2019-05-18 20:51 - 000000000 ____D C:\ProgramData\Samsung
2019-05-18 20:51 - 2016-05-17 23:49 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2019-05-18 20:51 - 2016-05-17 23:49 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2019-05-18 10:38 - 2019-05-18 10:38 - 000072170 _____ C:\Users\TomikCR\Downloads\priloha_669312496_0_00806424_dne_0582_1900971454_qr (1).pdf
2019-05-17 08:50 - 2019-05-02 23:59 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-17 08:50 - 2019-05-02 23:59 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-16 23:34 - 2019-05-16 23:34 - 000280600 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-05-16 18:48 - 2019-05-16 18:48 - 012305431 _____ C:\Users\TomikCR\Downloads\Produktovy-letak-kocky.pdf
2019-05-15 18:28 - 2019-05-06 05:47 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-15 18:28 - 2019-05-06 05:36 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-15 18:28 - 2019-05-06 05:36 - 001537776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-15 18:28 - 2019-05-06 05:35 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-15 18:28 - 2019-05-06 05:34 - 000805384 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-05-15 18:28 - 2019-05-06 05:33 - 001136208 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-15 18:28 - 2019-05-06 04:12 - 000861184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-15 18:28 - 2019-05-06 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-15 18:28 - 2019-05-06 03:41 - 001197056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2019-05-15 18:28 - 2019-04-30 02:51 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-15 18:28 - 2019-04-30 02:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-15 18:28 - 2019-04-25 06:01 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-15 18:28 - 2019-04-25 05:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-15 18:28 - 2019-04-25 05:31 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-15 18:28 - 2019-04-25 05:28 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-15 18:28 - 2019-04-25 05:26 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-15 18:28 - 2019-04-25 05:09 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-15 18:28 - 2019-04-25 05:03 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-15 18:28 - 2019-04-25 04:46 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-15 18:28 - 2019-04-25 04:40 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-15 18:28 - 2019-04-25 04:35 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-15 18:28 - 2019-04-25 04:24 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-15 18:28 - 2019-04-25 04:18 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-15 18:28 - 2019-04-25 04:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-15 18:28 - 2019-04-17 02:45 - 022373296 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-15 18:28 - 2019-04-17 02:41 - 019790872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-15 18:28 - 2019-04-16 15:45 - 001756160 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-15 18:28 - 2019-04-16 15:40 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-15 18:28 - 2019-04-14 18:37 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-15 18:28 - 2019-04-14 18:35 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-15 18:28 - 2019-04-14 18:09 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-15 18:28 - 2019-04-14 18:07 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-15 18:28 - 2019-04-09 00:17 - 000537096 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-15 18:28 - 2019-04-09 00:17 - 000139912 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-15 18:28 - 2019-04-09 00:13 - 000449744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-15 18:28 - 2019-04-09 00:12 - 000136736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-15 18:28 - 2019-04-08 23:40 - 000136432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-15 18:28 - 2019-04-07 02:57 - 001214720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-15 18:28 - 2019-04-06 20:39 - 002172832 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-05-15 18:28 - 2019-04-06 20:39 - 001662512 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-15 18:28 - 2019-04-06 17:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-15 18:28 - 2019-04-06 00:47 - 000096208 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-15 18:28 - 2019-04-06 00:46 - 000177608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-15 18:28 - 2019-04-06 00:44 - 000073248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-15 18:28 - 2019-04-05 16:07 - 003324928 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-15 18:28 - 2019-04-05 16:06 - 001253888 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-15 18:28 - 2019-04-05 16:06 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-15 18:28 - 2019-04-05 16:06 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-15 18:28 - 2019-04-05 16:01 - 003618304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-15 18:28 - 2019-04-05 16:01 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-15 18:28 - 2019-04-05 01:58 - 000863232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-05-15 18:28 - 2019-04-05 00:15 - 000513416 _____ C:\Windows\SysWOW64\locale.nls
2019-05-15 18:28 - 2019-04-05 00:15 - 000513416 _____ C:\Windows\system32\locale.nls
2019-05-15 18:28 - 2019-04-04 20:01 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-15 18:28 - 2019-04-04 18:48 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-05-15 18:28 - 2019-04-04 18:44 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-05-15 18:28 - 2019-04-04 18:15 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-05-15 18:28 - 2019-04-04 18:10 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-05-15 18:27 - 2019-04-25 04:58 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-05-15 18:27 - 2019-04-25 04:50 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-15 18:27 - 2019-04-25 04:42 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-05-15 18:27 - 2019-04-25 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-05-15 18:27 - 2019-04-25 04:35 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-15 18:27 - 2019-04-25 04:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-15 18:27 - 2019-04-25 04:12 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-15 18:27 - 2019-04-20 18:41 - 000081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-05-15 18:27 - 2019-04-04 19:41 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-15 18:27 - 2019-04-04 19:10 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2019-05-15 18:27 - 2019-04-04 18:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-13 19:08 - 2019-05-13 19:08 - 000118370 _____ C:\Users\TomikCR\Downloads\13uchextrakceosmaterialu (1).pdf
2019-04-30 21:00 - 2019-04-30 21:00 - 000273517 _____ C:\Users\TomikCR\Downloads\Rámcová smlouva.pdf
2019-04-30 20:59 - 2019-04-30 20:59 - 000389287 _____ C:\Users\TomikCR\Downloads\Návrh smlouvy úvěru.pdf
2019-04-29 18:38 - 2019-04-29 18:38 - 000280600 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-04-29 18:13 - 2019-04-29 18:13 - 000557362 _____ C:\Users\TomikCR\Downloads\cpp.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-29 22:20 - 2017-12-05 23:43 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-05-29 22:17 - 2018-03-09 23:17 - 000000000 ____D C:\Users\TomikCR\Desktop\Čističe
2019-05-29 18:12 - 2014-10-27 18:12 - 000004002 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{901E4CFD-6533-4966-B96F-CB91F4CEC206}
2019-05-29 18:08 - 2019-02-20 19:50 - 000000402 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-05-27 21:28 - 2017-12-04 21:47 - 000000000 ____D C:\Users\TomikCR\AppData\Local\Zemana
2019-05-27 20:48 - 2014-07-15 03:25 - 000762978 _____ C:\Windows\system32\perfh005.dat
2019-05-27 20:48 - 2014-07-15 03:25 - 000163700 _____ C:\Windows\system32\perfc005.dat
2019-05-27 20:48 - 2014-03-18 11:53 - 001876148 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-27 20:48 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-05-27 20:44 - 2018-10-10 17:37 - 000000000 ____D C:\Users\TomikCR\Documents\Youcam
2019-05-27 20:42 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-27 20:41 - 2014-10-07 07:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-05-27 20:41 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-05-27 20:35 - 2014-10-27 15:40 - 000000000 ____D C:\Users\TomikCR
2019-05-27 20:35 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-05-27 08:22 - 2014-10-27 15:46 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1268798374-1140181337-1142225549-1002
2019-05-27 00:41 - 2017-12-03 22:42 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-26 18:40 - 2014-07-14 19:17 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-05-26 01:11 - 2014-11-02 22:08 - 007947776 ___SH C:\Users\TomikCR\Downloads\Thumbs.db
2019-05-24 23:41 - 2015-01-15 21:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-22 22:26 - 2014-11-20 20:57 - 010003968 ___SH C:\Users\TomikCR\Desktop\Thumbs.db
2019-05-22 01:20 - 2016-09-10 23:24 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\vlc
2019-05-22 00:26 - 2018-01-21 01:50 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 23:25 - 2016-10-28 21:05 - 000000000 ____D C:\Users\TomikCR\Desktop\Vstup
2019-05-21 22:33 - 2015-03-07 00:29 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-21 00:02 - 2018-10-10 00:52 - 000000000 ____D C:\Users\TomikCR\Documents\CCleaner-zálohy
2019-05-21 00:01 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\ModemLogs
2019-05-20 23:58 - 2014-07-14 18:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-20 23:22 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-05-20 22:29 - 2018-04-01 00:06 - 000000000 ____D C:\Users\TomikCR\AppData\Local\Hewlett-Packard
2019-05-20 22:29 - 2016-02-18 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\Hewlett-Packard
2019-05-20 22:29 - 2014-10-27 15:43 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\hpqlog
2019-05-20 22:29 - 2014-07-14 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-05-20 22:29 - 2014-07-14 18:47 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-05-20 22:28 - 2015-08-15 22:10 - 000000000 ____D C:\Program Files (x86)\HP
2019-05-20 22:25 - 2014-04-05 01:55 - 000000000 ____D C:\SWSetup
2019-05-20 17:39 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2019-05-18 22:27 - 2013-08-22 16:44 - 000386288 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-18 18:57 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-05-17 00:23 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2019-05-16 23:34 - 2014-10-28 18:10 - 000280600 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2019-05-16 23:33 - 2017-12-22 00:17 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\Origin
2019-05-16 23:32 - 2017-12-22 00:35 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-05-16 23:32 - 2017-12-22 00:13 - 000000000 ____D C:\ProgramData\Origin
2019-05-16 23:27 - 2017-12-22 00:15 - 000000000 ____D C:\Program Files (x86)\Origin
2019-05-15 23:19 - 2018-01-21 01:50 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 23:19 - 2018-01-21 01:50 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 19:06 - 2014-10-28 18:34 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 19:01 - 2014-10-28 18:34 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-14 21:04 - 2017-12-19 00:12 - 000004556 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 21:04 - 2017-12-19 00:12 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-14 21:04 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 21:04 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-12 15:42 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
==================== Files in the root of some directories =======
2016-08-29 14:27 - 2016-08-29 14:27 - 000004040 _____ () C:\Users\TomikCR\dht.dat
2016-08-29 14:27 - 2016-08-29 14:27 - 000001020 _____ () C:\Users\TomikCR\resume.dat
2016-08-29 14:27 - 2016-08-29 14:27 - 000000099 _____ () C:\Users\TomikCR\rss.dat
2016-08-29 14:27 - 2016-08-29 14:27 - 000006769 _____ () C:\Users\TomikCR\settings.dat
2016-08-31 18:56 - 2016-08-31 18:56 - 000007604 _____ () C:\Users\TomikCR\AppData\Local\Resmon.ResmonCfg
2016-07-13 19:40 - 2016-07-13 19:40 - 000000173 _____ () C:\Users\TomikCR\AppData\Local\uts.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-05-27 18:43
==================== End of FRST.txt ============================
Ran by TomikCR (administrator) on NOTEBOOK-TOMÁŠ (Hewlett-Packard HP Pavilion 17 Notebook PC) (29-05-2019 22:23:14)
Running from C:\Users\TomikCR\Desktop
Loaded Profiles: TomikCR (Available Profiles: TomikCR & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-09] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {24684548-5eda-11e9-8332-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {32cface4-3fdb-11e7-82ef-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {3b3586ed-7537-11e6-82d9-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {54023be7-c9cd-11e6-82e6-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {95276210-179b-11e6-82bc-1008b1bf986d} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {9762049a-c2a9-11e8-8322-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {a8a90f1d-db81-11e7-8304-8cdcd48d65de} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\MountPoints2: {cbf5fe95-cc84-11e7-82fa-8cdcd48d65de} - "F:\Lenovo_Suite.exe"
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [8704 2015-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2015-02-11] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-06-17] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-06-17] (Softex Inc..) [File not signed]
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {15476C8F-7F03-472E-A71A-CD0472D08335} - System32\Tasks\HPCeeScheduleForTomikCR => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-10] (HP Inc. -> HP Inc.)
Task: {283D2A9A-F89F-4E92-ADC2-DD989A25ED52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {2B02CD5C-3E02-46E2-A2C9-05B510153E9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBBD6CD-5DC3-4FCE-A02E-33C8076224C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {30281118-E353-486D-8A52-256D2D27BACF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {573A7084-0EB5-4DD5-9621-6819C057C1F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {57C0E038-3E34-409D-8A13-2F3EA779B1A8} - System32\Tasks\{E6743BB5-36A4-49E9-B760-267A588ADE9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe" -d "C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM"
Task: {682CB63B-D981-4355-93D4-3B00D19227EF} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [33971256 2019-05-22] (Adlice -> )
Task: {727362ED-C4BE-4A70-A7B7-65646D17FFE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {7F7C49BD-261C-478D-AE8D-6F808681C640} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {83BBB0E6-4DF9-497B-97D6-ADA6813D075A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-12-10] (HP Inc. -> HP Inc.)
Task: {8688CCB1-F1FD-4C81-A9AC-77699DA76766} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {90731782-F4C9-44C9-BFD5-F4E43B7A7A8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {91DEED0C-445C-45B8-B9BA-CBBB13D1E226} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {9CB5519C-3D43-4D66-BC67-E1A5D5686675} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [644672 2019-05-23] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {AA9477E9-1BCA-490D-9548-90EB2699C957} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {C34ED864-A768-4973-BB3A-49E31D39BD4A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-12-10] (HP Inc. -> HP Inc.)
Task: {CDA0672E-50FC-413D-B032-F0039DCD3E69} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {CECE2209-52EB-4108-9D31-D0AAD9E48FE1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {CF0ECF08-88FD-4197-A3B1-07E66876D06B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd -> Piriform Ltd)
Task: {E0C030CA-93E1-4787-BF2E-4A5EA2F5D6F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
Task: {E46C7B2C-F629-493C-A1AC-2D71D30FF4E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
Task: {EF7DE7F1-7EB9-44E9-9993-A6B635E2AD1C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F25B6E50-6977-4B69-8E4D-7514E713EE4F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2015-02-11] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForTomikCR.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{3B776279-A1B9-454D-B794-1DA754DDAFAC}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{CA7B9554-2C11-424B-BDEE-2333473482ED}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2018-12-10] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2018-12-10] (HP Inc. -> HP Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: d1xemxoz.default
FF ProfilePath: C:\Users\TomikCR\AppData\Roaming\Mozilla\Firefox\Profiles\d1xemxoz.default [2019-05-27]
FF Homepage: Mozilla\Firefox\Profiles\d1xemxoz.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\d1xemxoz.default -> about:newtab
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-06-17] [Legacy] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1268798374-1140181337-1142225549-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2019-01-28] (Ubisoft Entertainment Sweden AB -> )
Chrome:
=======
CHR HomePage: Default -> hxxp://www.parlamentnilisty.cz/
CHR Profile: C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default [2019-05-29]
CHR Extension: (Prezentace) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-27]
CHR Extension: (Dokumenty) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-27]
CHR Extension: (Disk Google) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-27]
CHR Extension: (YouTube) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-27]
CHR Extension: (Tabulky) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-05-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-27]
CHR Extension: (Gmail) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\TomikCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-04] (BattlEye Innovations e.K. -> )
S3 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-02-10] (Mail.Ru Games LLC -> LLC Mail.Ru)
S3 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175216 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-02-24] (Even Balance, Inc. -> )
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [53424 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2019-05-27] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus.sys [20992 2016-07-12] (Shenzhen Wondershare Information Technology Co., Ltd. -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Scan; C:\Windows\system32\DRIVERS\Dot4Scan.sys [19872 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40624 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-13] (Martin Malik - REALiX -> REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-29] (Malwarebytes Corporation -> Malwarebytes)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [7238880 2018-02-10] (Mail.Ru Games LLC -> LLC Mail.Ru)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [243712 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [580824 2014-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6393856 2016-12-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2017-12-19] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-05-27] (Adlice -> )
R3 usbfilter; C:\Windows\system32\DRIVERS\usbfilter.sys [60640 2014-02-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
S3 cpuz138; \??\C:\Users\TomikCR\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [X]
S3 SmbDrv; \SystemRoot\system32\DRIVERS\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\System32\drivers\Smb_driver_Intel.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-29 22:23 - 2019-05-29 22:23 - 000028713 _____ C:\Users\TomikCR\Desktop\FRST.txt
2019-05-29 22:23 - 2019-05-29 22:23 - 000000000 ____D C:\FRST
2019-05-29 22:20 - 2019-05-29 22:20 - 000001231 _____ C:\Users\TomikCR\Desktop\CrystalDiskInfo.lnk
2019-05-29 22:20 - 2019-05-29 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-05-29 22:19 - 2019-05-29 22:19 - 015347688 _____ C:\Users\TomikCR\Desktop\CRYSTALDISKINFO8_0_0.EXE
2019-05-29 22:18 - 2019-05-29 22:18 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-29 22:14 - 2019-05-29 22:14 - 002435584 _____ (Farbar) C:\Users\TomikCR\Desktop\FRST64.exe
2019-05-27 21:28 - 2019-05-29 22:23 - 001876800 _____ C:\Windows\ZAM.krnl.trace
2019-05-27 21:28 - 2019-05-27 21:36 - 000000000 ____D C:\Users\TomikCR\AppData\Local\AMSDK
2019-05-27 21:28 - 2019-05-27 21:28 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2019-05-27 21:28 - 2019-05-27 21:28 - 000003478 _____ C:\Windows\System32\Tasks\AMHelper
2019-05-27 21:28 - 2019-05-27 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-05-27 21:28 - 2019-05-27 21:28 - 000000000 ____D C:\Program Files (x86)\Zemana
2019-05-27 20:41 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-05-27 20:09 - 2019-05-27 20:35 - 000000000 ____D C:\zoek_backup
2019-05-27 19:37 - 2019-05-27 19:37 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-05-27 00:39 - 2019-05-27 20:43 - 000003028 _____ C:\Windows\System32\Tasks\RogueKiller Anti-Malware
2019-05-27 00:39 - 2019-05-27 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-05-27 00:39 - 2019-05-27 00:39 - 000000000 ____D C:\Program Files\RogueKiller
2019-05-26 18:48 - 2017-12-03 20:58 - 000002841 _____ C:\Users\TomikCR\Documents\Sophos Virus Removal Tool.lnk
2019-05-26 01:08 - 2019-05-26 01:08 - 000129770 _____ C:\Users\TomikCR\Desktop\Fantasia, EM953.pdf
2019-05-24 23:42 - 2019-05-24 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-24 23:42 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-24 23:41 - 2019-05-24 23:41 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-21 23:18 - 2019-05-21 23:27 - 000000000 ____D C:\Users\TomikCR\Desktop\rozpisy
2019-05-21 22:28 - 2019-05-21 22:28 - 000000000 ____D C:\Users\TomikCR\AppData\Local\CEF
2019-05-21 18:52 - 2019-05-21 18:52 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-05-21 00:55 - 2019-05-21 00:55 - 000080516 _____ C:\Users\TomikCR\Desktop\BarriosPreludeCminor.pdf
2019-05-20 23:45 - 2019-05-27 20:13 - 000000000 ____D C:\Users\TomikCR\AppData\Local\CrashDumps
2019-05-20 23:44 - 2019-05-24 23:44 - 000003188 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTomikCR
2019-05-20 23:44 - 2019-05-24 23:44 - 000000370 _____ C:\Windows\Tasks\HPCeeScheduleForTomikCR.job
2019-05-20 23:44 - 2019-05-20 23:44 - 000000000 ____D C:\Users\TomikCR\AppData\Local\HP_Inc
2019-05-20 22:29 - 2019-05-20 22:29 - 000002254 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-05-20 22:12 - 2019-05-20 22:12 - 007025360 _____ (Malwarebytes) C:\Users\TomikCR\Desktop\adwcleaner_7.3.exe
2019-05-20 22:11 - 2019-05-20 22:11 - 000000000 ____D C:\Users\TomikCR\AppData\Local\CyberLink
2019-05-18 22:39 - 2019-05-18 22:39 - 000000000 ____D C:\Users\TomikCR\Documents\SideSync
2019-05-18 22:19 - 2019-05-18 22:19 - 000000000 ____D C:\Program Files\Samsung
2019-05-18 21:46 - 2019-05-18 21:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2019-05-18 21:10 - 2019-05-18 21:13 - 000000000 ____D C:\Users\TomikCR\Desktop\Mamka - Samsung
2019-05-18 20:58 - 2016-07-22 09:21 - 000015872 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ss_wh.sys
2019-05-18 20:58 - 2016-07-22 09:21 - 000015360 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ss_cm.sys
2019-05-18 20:55 - 2019-05-18 20:55 - 000002029 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2019-05-18 20:55 - 2019-05-18 20:55 - 000002019 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\TomikCR\Documents\samsung
2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\TomikCR\AppData\Local\Samsung
2019-05-18 20:55 - 2019-05-18 20:55 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2019-05-18 20:54 - 2019-05-20 23:58 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\Samsung
2019-05-18 20:52 - 2019-05-20 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-05-18 20:51 - 2019-05-21 00:01 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-05-18 20:51 - 2019-05-18 20:51 - 000000000 ____D C:\ProgramData\Samsung
2019-05-18 20:51 - 2016-05-17 23:49 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2019-05-18 20:51 - 2016-05-17 23:49 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2019-05-18 10:38 - 2019-05-18 10:38 - 000072170 _____ C:\Users\TomikCR\Downloads\priloha_669312496_0_00806424_dne_0582_1900971454_qr (1).pdf
2019-05-17 08:50 - 2019-05-02 23:59 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-17 08:50 - 2019-05-02 23:59 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-16 23:34 - 2019-05-16 23:34 - 000280600 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-05-16 18:48 - 2019-05-16 18:48 - 012305431 _____ C:\Users\TomikCR\Downloads\Produktovy-letak-kocky.pdf
2019-05-15 18:28 - 2019-05-06 05:47 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-15 18:28 - 2019-05-06 05:36 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-15 18:28 - 2019-05-06 05:36 - 001537776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-15 18:28 - 2019-05-06 05:35 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-15 18:28 - 2019-05-06 05:34 - 000805384 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-05-15 18:28 - 2019-05-06 05:33 - 001136208 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-15 18:28 - 2019-05-06 04:12 - 000861184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-15 18:28 - 2019-05-06 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-15 18:28 - 2019-05-06 03:41 - 001197056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2019-05-15 18:28 - 2019-04-30 02:51 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-15 18:28 - 2019-04-30 02:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-15 18:28 - 2019-04-25 06:01 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-15 18:28 - 2019-04-25 05:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-15 18:28 - 2019-04-25 05:31 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-15 18:28 - 2019-04-25 05:28 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-15 18:28 - 2019-04-25 05:26 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-15 18:28 - 2019-04-25 05:09 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-15 18:28 - 2019-04-25 05:03 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-15 18:28 - 2019-04-25 04:46 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-15 18:28 - 2019-04-25 04:40 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-15 18:28 - 2019-04-25 04:35 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-15 18:28 - 2019-04-25 04:24 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-15 18:28 - 2019-04-25 04:18 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-15 18:28 - 2019-04-25 04:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-15 18:28 - 2019-04-17 02:45 - 022373296 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-15 18:28 - 2019-04-17 02:41 - 019790872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-15 18:28 - 2019-04-16 15:45 - 001756160 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-15 18:28 - 2019-04-16 15:40 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-15 18:28 - 2019-04-14 18:37 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-15 18:28 - 2019-04-14 18:35 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-15 18:28 - 2019-04-14 18:09 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-15 18:28 - 2019-04-14 18:07 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-15 18:28 - 2019-04-09 00:17 - 000537096 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-15 18:28 - 2019-04-09 00:17 - 000139912 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-15 18:28 - 2019-04-09 00:13 - 000449744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-15 18:28 - 2019-04-09 00:12 - 000136736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-15 18:28 - 2019-04-08 23:40 - 000136432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-15 18:28 - 2019-04-07 02:57 - 001214720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-15 18:28 - 2019-04-06 22:31 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-15 18:28 - 2019-04-06 20:39 - 002172832 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-05-15 18:28 - 2019-04-06 20:39 - 001662512 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-15 18:28 - 2019-04-06 17:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-15 18:28 - 2019-04-06 00:47 - 000096208 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-15 18:28 - 2019-04-06 00:46 - 000177608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-15 18:28 - 2019-04-06 00:44 - 000073248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-15 18:28 - 2019-04-05 16:07 - 003324928 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-15 18:28 - 2019-04-05 16:06 - 001253888 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-15 18:28 - 2019-04-05 16:06 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-15 18:28 - 2019-04-05 16:06 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-15 18:28 - 2019-04-05 16:01 - 003618304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-15 18:28 - 2019-04-05 16:01 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-15 18:28 - 2019-04-05 01:58 - 000863232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-05-15 18:28 - 2019-04-05 00:15 - 000513416 _____ C:\Windows\SysWOW64\locale.nls
2019-05-15 18:28 - 2019-04-05 00:15 - 000513416 _____ C:\Windows\system32\locale.nls
2019-05-15 18:28 - 2019-04-04 20:01 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-15 18:28 - 2019-04-04 18:48 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-05-15 18:28 - 2019-04-04 18:44 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-05-15 18:28 - 2019-04-04 18:15 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-05-15 18:28 - 2019-04-04 18:10 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-05-15 18:27 - 2019-04-25 04:58 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-05-15 18:27 - 2019-04-25 04:50 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-15 18:27 - 2019-04-25 04:42 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-05-15 18:27 - 2019-04-25 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-05-15 18:27 - 2019-04-25 04:35 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-15 18:27 - 2019-04-25 04:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-15 18:27 - 2019-04-25 04:12 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-15 18:27 - 2019-04-20 18:41 - 000081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-05-15 18:27 - 2019-04-04 19:41 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-15 18:27 - 2019-04-04 19:10 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2019-05-15 18:27 - 2019-04-04 18:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-13 19:08 - 2019-05-13 19:08 - 000118370 _____ C:\Users\TomikCR\Downloads\13uchextrakceosmaterialu (1).pdf
2019-04-30 21:00 - 2019-04-30 21:00 - 000273517 _____ C:\Users\TomikCR\Downloads\Rámcová smlouva.pdf
2019-04-30 20:59 - 2019-04-30 20:59 - 000389287 _____ C:\Users\TomikCR\Downloads\Návrh smlouvy úvěru.pdf
2019-04-29 18:38 - 2019-04-29 18:38 - 000280600 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-04-29 18:13 - 2019-04-29 18:13 - 000557362 _____ C:\Users\TomikCR\Downloads\cpp.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-29 22:20 - 2017-12-05 23:43 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-05-29 22:17 - 2018-03-09 23:17 - 000000000 ____D C:\Users\TomikCR\Desktop\Čističe
2019-05-29 18:12 - 2014-10-27 18:12 - 000004002 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{901E4CFD-6533-4966-B96F-CB91F4CEC206}
2019-05-29 18:08 - 2019-02-20 19:50 - 000000402 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-05-27 21:28 - 2017-12-04 21:47 - 000000000 ____D C:\Users\TomikCR\AppData\Local\Zemana
2019-05-27 20:48 - 2014-07-15 03:25 - 000762978 _____ C:\Windows\system32\perfh005.dat
2019-05-27 20:48 - 2014-07-15 03:25 - 000163700 _____ C:\Windows\system32\perfc005.dat
2019-05-27 20:48 - 2014-03-18 11:53 - 001876148 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-27 20:48 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-05-27 20:44 - 2018-10-10 17:37 - 000000000 ____D C:\Users\TomikCR\Documents\Youcam
2019-05-27 20:42 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-27 20:41 - 2014-10-07 07:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-05-27 20:41 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-05-27 20:35 - 2014-10-27 15:40 - 000000000 ____D C:\Users\TomikCR
2019-05-27 20:35 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-05-27 08:22 - 2014-10-27 15:46 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1268798374-1140181337-1142225549-1002
2019-05-27 00:41 - 2017-12-03 22:42 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-26 18:40 - 2014-07-14 19:17 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-05-26 01:11 - 2014-11-02 22:08 - 007947776 ___SH C:\Users\TomikCR\Downloads\Thumbs.db
2019-05-24 23:41 - 2015-01-15 21:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-22 22:26 - 2014-11-20 20:57 - 010003968 ___SH C:\Users\TomikCR\Desktop\Thumbs.db
2019-05-22 01:20 - 2016-09-10 23:24 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\vlc
2019-05-22 00:26 - 2018-01-21 01:50 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 23:25 - 2016-10-28 21:05 - 000000000 ____D C:\Users\TomikCR\Desktop\Vstup
2019-05-21 22:33 - 2015-03-07 00:29 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-21 00:02 - 2018-10-10 00:52 - 000000000 ____D C:\Users\TomikCR\Documents\CCleaner-zálohy
2019-05-21 00:01 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\ModemLogs
2019-05-20 23:58 - 2014-07-14 18:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-20 23:22 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-05-20 22:29 - 2018-04-01 00:06 - 000000000 ____D C:\Users\TomikCR\AppData\Local\Hewlett-Packard
2019-05-20 22:29 - 2016-02-18 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\Hewlett-Packard
2019-05-20 22:29 - 2014-10-27 15:43 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\hpqlog
2019-05-20 22:29 - 2014-07-14 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-05-20 22:29 - 2014-07-14 18:47 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-05-20 22:28 - 2015-08-15 22:10 - 000000000 ____D C:\Program Files (x86)\HP
2019-05-20 22:25 - 2014-04-05 01:55 - 000000000 ____D C:\SWSetup
2019-05-20 17:39 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2019-05-18 22:27 - 2013-08-22 16:44 - 000386288 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-18 18:57 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-05-17 00:23 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2019-05-16 23:34 - 2014-10-28 18:10 - 000280600 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2019-05-16 23:33 - 2017-12-22 00:17 - 000000000 ____D C:\Users\TomikCR\AppData\Roaming\Origin
2019-05-16 23:32 - 2017-12-22 00:35 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-05-16 23:32 - 2017-12-22 00:13 - 000000000 ____D C:\ProgramData\Origin
2019-05-16 23:27 - 2017-12-22 00:15 - 000000000 ____D C:\Program Files (x86)\Origin
2019-05-15 23:19 - 2018-01-21 01:50 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 23:19 - 2018-01-21 01:50 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 19:06 - 2014-10-28 18:34 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 19:01 - 2014-10-28 18:34 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-14 21:04 - 2017-12-19 00:12 - 000004556 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 21:04 - 2017-12-19 00:12 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-14 21:04 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 21:04 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-12 15:42 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
==================== Files in the root of some directories =======
2016-08-29 14:27 - 2016-08-29 14:27 - 000004040 _____ () C:\Users\TomikCR\dht.dat
2016-08-29 14:27 - 2016-08-29 14:27 - 000001020 _____ () C:\Users\TomikCR\resume.dat
2016-08-29 14:27 - 2016-08-29 14:27 - 000000099 _____ () C:\Users\TomikCR\rss.dat
2016-08-29 14:27 - 2016-08-29 14:27 - 000006769 _____ () C:\Users\TomikCR\settings.dat
2016-08-31 18:56 - 2016-08-31 18:56 - 000007604 _____ () C:\Users\TomikCR\AppData\Local\Resmon.ResmonCfg
2016-07-13 19:40 - 2016-07-13 19:40 - 000000173 _____ () C:\Users\TomikCR\AppData\Local\uts.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-05-27 18:43
==================== End of FRST.txt ============================
- jaro3
- member of the Security team
Re: Please check my log - noisy fan, slow computer, pages freezing
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
(You can use the "Select all" function; right-click in the top-left area of the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt.
Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
Code:
Start
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\2004search.cc -> 2004search.cc
There are 4768 more sites.
Task: {E0C030CA-93E1-4787-BF2E-4A5EA2F5D6F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
Task: {E46C7B2C-F629-493C-A1AC-2D71D30FF4E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
S3 cpuz138; \??\C:\Users\TomikCR\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HOSTS:
EmptyTemp:
End
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - noisy fan, slow computer, pages freezing
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05.2019
Ran by TomikCR (30-05-2019 18:23:52) Run:1
Running from C:\Users\TomikCR\Desktop
Loaded Profiles: TomikCR (Available Profiles: TomikCR & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\...\2004search.cc -> 2004search.cc
There are 4768 more sites.
Task: {E0C030CA-93E1-4787-BF2E-4A5EA2F5D6F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
Task: {E46C7B2C-F629-493C-A1AC-2D71D30FF4E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-21] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1268798374-1140181337-1142225549-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
S3 cpuz138; \??\C:\Users\TomikCR\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HOSTS:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BtSendToMenuEx => removed successfully
HKLM\Software\Classes\CLSID\{CF24E6B8-F148-4BCB-9108-ADF313966E80} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101hotteens.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101lottery.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123expressview.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123found.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123keno.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12don.info => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\143fuck.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17gamo.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17webplace.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180solutions.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1autocity.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ive.net => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1se.ru => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1sexparty.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stfind.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stpagehere.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1traff.us => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ze.net => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2-antispyware.com => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2004search.cc => removed successfully
There are 4768 more sites. => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0C030CA-93E1-4787-BF2E-4A5EA2F5D6F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0C030CA-93E1-4787-BF2E-4A5EA2F5D6F2}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E46C7B2C-F629-493C-A1AC-2D71D30FF4E1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E46C7B2C-F629-493C-A1AC-2D71D30FF4E1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => path removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully
cpuz138 => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10851205 B
Java, Flash, Steam htmlcache => 408609098 B
Windows/system/drivers => 4412 B
Edge => 0 B
Chrome => 392723658 B
Firefox => 229376 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 7310 B
TomikCR => 4129208 B
Administrator => 3504 B
RecycleBin => 0 B
EmptyTemp: => 786.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:25:59 ====
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E46C7B2C-F629-493C-A1AC-2D71D30FF4E1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => path removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKU\S-1-5-21-1268798374-1140181337-1142225549-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully
cpuz138 => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10851205 B
Java, Flash, Steam htmlcache => 408609098 B
Windows/system/drivers => 4412 B
Edge => 0 B
Chrome => 392723658 B
Firefox => 229376 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 7310 B
TomikCR => 4129208 B
Administrator => 3504 B
RecycleBin => 0 B
EmptyTemp: => 786.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:25:59 ====