Slowdown, log check, please.
Posted: 13 Jan 2018 13:44
Please help.
Besides the overall slowdown, a small window (or windows) WITHOUT a title bar or a notification down on the taskbar occasionally appears:
and the touchpad software freezes very often, that is, touchpad control as a whole (it can also be seen on the animated icon in the notification area).
Cleaned with AdwCleaner, then FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by Pedro (administrator) on LENPEDRO (12-01-2018 13:31:21)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.METREL\MSSQL\Binn\sqlservr.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Thomas Ascher) C:\Program Files (x86)\ATnotes\ATnotes.exe
(GeB Development) C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\TrayTipAgentE.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [5158144 2017-02-14] (Realtek semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2017-12-21] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41061856 2017-11-20] ()
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2882400 2017-05-18] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [aWARemote 3.0] => C:\Program Files (x86)\aWARemote Server\aWARemote Server.exe [1733120 2014-11-02] (GeB Development)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2017-06-14]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2017-09-02]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{77CB70A9-B7E7-4F09-AAF3-0C44EF06DD83}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2017-12-31] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2017-12-31] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2018-01-10]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com.xpi [2017-11-22]
FF Extension: (MEGA) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\firefox@mega.co.nz.xpi [2017-12-22]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-11-23] [Legacy]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\sk@dictionaries.addons.mozilla.org [2017-01-16] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-22]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-10-13]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02] [Legacy]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2017-12-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2017-12-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
FF Plugin-x32: @google.com/zxwebplugin -> C:\windows\system32\npzxwebplugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-04] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://user:password@192.168.1.1/cgi-bin/online3.cgi?ifno=3
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2018-01-12]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-01-10]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2017-07-26]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-11-08]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2017-11-12]
CHR Extension: (Push2Droid) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgneokpcgdgkphbfhcjgindnaembamlf [2017-09-13]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [492560 2018-01-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [492560 2018-01-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1526832 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [444600 2017-12-21] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe [71512 2017-11-02] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 ibtsiva; C:\windows\system32\ibtsiva.exe [184064 2017-04-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MSSQL$METREL; C:\Program Files\Microsoft SQL Server\MSSQL11.METREL\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S4 SQLAgent$METREL; C:\Program Files\Microsoft SQL Server\MSSQL11.METREL\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [178840 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [169376 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [24056 2016-01-14] ()
R0 EPMVolFlt; C:\windows\System32\drivers\EPMVolFlt.sys [20936 2017-11-23] (Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 FTDIBUS; C:\windows\system32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\windows\system32\drivers\ftser2k.sys [89800 2017-08-24] (Future Technology Devices International Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
S3 HPEWSFXBULK; C:\windows\system32\drivers\hpfx64bulk.sys [29200 2017-03-06] (Hewlett Packard)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-11] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [229632 2017-04-15] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-12] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S4 RsFx0201; C:\windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-12 13:31 - 2018-01-12 13:36 - 000034760 _____ C:\Users\Pedro\Desktop\FRST.txt
2018-01-12 09:27 - 2018-01-12 09:28 - 000043307 _____ C:\Users\Pedro\Desktop\Addition.txt
2018-01-12 09:06 - 2018-01-12 09:06 - 000112640 _____ (forum.viry.cz) C:\Users\Pedro\Desktop\FRSTLauncher.exe
2018-01-12 09:01 - 2018-01-12 09:01 - 002393088 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2018-01-11 18:29 - 2018-01-11 18:29 - 000000354 _____ C:\Users\Pedro\Desktop\materiál fara dec2017
2018-01-10 22:39 - 2018-01-12 13:12 - 000253880 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-01-10 18:33 - 2018-01-12 08:40 - 000000000 ____D C:\AdwCleaner
2018-01-10 17:47 - 2018-01-10 17:47 - 008198432 _____ (Malwarebytes) C:\Users\Pedro\Desktop\AdwCleaner.exe
2018-01-06 12:34 - 2018-01-06 12:50 - 000000458 _____ C:\Users\Pedro\Desktop\Sescom januar 2018.txt
2018-01-01 19:26 - 2018-01-01 19:26 - 000001365 _____ C:\Users\Public\Desktop\EaseUS Partition Master 12.8.lnk
2018-01-01 19:26 - 2018-01-01 19:26 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-01-01 19:26 - 2018-01-01 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.8
2018-01-01 19:25 - 2018-01-01 19:25 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-01-01 19:25 - 2017-12-06 12:47 - 004094608 _____ C:\windows\system32\BootMan.exe
2018-01-01 19:25 - 2017-12-06 12:47 - 003076240 _____ C:\windows\SysWOW64\BootMan.exe
2018-01-01 19:25 - 2017-12-01 16:32 - 000131728 _____ C:\windows\system32\setupempdrvx64.exe
2018-01-01 19:25 - 2017-11-23 11:47 - 000020936 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\EPMVolFlt.sys
2018-01-01 19:25 - 2017-11-23 11:47 - 000020936 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\Drivers\EPMVolFlt.sys
2018-01-01 19:25 - 2016-07-11 10:01 - 000010848 _____ C:\windows\system32\EuGdiDrv.sys
2018-01-01 19:25 - 2016-01-14 10:05 - 000024056 _____ C:\windows\system32\epmntdrv.sys
2018-01-01 19:25 - 2014-11-18 14:46 - 000021088 _____ C:\windows\SysWOW64\EuEpmGdi.dll
2018-01-01 19:25 - 2014-11-18 14:46 - 000017504 _____ C:\windows\system32\EuEpmGdi.dll
2017-12-31 22:55 - 2017-12-31 22:56 - 000001398 _____ C:\Users\Pedro\Desktop\rufus-2.12.lnk
2017-12-31 11:00 - 2017-12-31 11:00 - 000000000 ____D C:\windows\SysWOW64\rufus_files
2017-12-31 10:41 - 2017-12-31 10:40 - 000111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2017-12-31 10:29 - 2017-12-31 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-12-30 17:13 - 2017-12-30 17:14 - 000000000 ___HD C:\$SysReset
2017-12-29 20:02 - 2017-12-29 18:12 - 000014060 ____N C:\Users\Pedro\Desktop\aa_skin_values.night.lua
2017-12-29 19:58 - 2017-12-29 18:12 - 000013970 ____N C:\Users\Pedro\Desktop\aa_skin_values.day.lua
2017-12-23 18:13 - 2017-12-23 18:13 - 000000000 ____D C:\windows\LastGood.Tmp
2017-12-23 18:03 - 2017-12-23 18:03 - 000000000 ____D C:\Users\Pedro\AppData\Local\Metrel_d.d
2017-12-23 17:56 - 2017-12-23 17:57 - 000000000 ____D C:\Program Files (x86)\Metrel
2017-12-23 17:56 - 2017-12-23 17:56 - 000001952 _____ C:\Users\Public\Desktop\Metrel PATLink PRO.lnk
2017-12-23 17:56 - 2017-12-23 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metrel
2017-12-23 17:43 - 2012-02-11 19:02 - 000045656 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-MSSQL11.METREL-sqlagtctr.dll
2017-12-23 17:43 - 2012-02-11 17:44 - 000054360 _____ (Microsoft Corporation) C:\windows\system32\perf-MSSQL11.METREL-sqlagtctr.dll
2017-12-23 17:42 - 2012-02-11 19:03 - 000082520 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-MSSQL$METREL-sqlctr11.1.3000.0.dll
2017-12-23 17:42 - 2012-02-11 17:46 - 000180312 _____ (Microsoft Corporation) C:\windows\system32\hadrres.dll
2017-12-23 17:42 - 2012-02-11 17:46 - 000082520 _____ (Microsoft Corporation) C:\windows\system32\fssres.dll
2017-12-23 17:42 - 2012-02-11 17:44 - 000095832 _____ (Microsoft Corporation) C:\windows\system32\perf-MSSQL$METREL-sqlctr11.1.3000.0.dll
2017-12-23 17:39 - 2017-12-23 17:39 - 000000000 ____D C:\windows\system32\RsFx
2017-12-23 17:38 - 2017-12-23 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2017-12-23 17:37 - 2017-12-23 17:37 - 000000000 ____D C:\windows\system32\1033
2017-12-23 17:28 - 2017-12-23 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2017-12-19 09:24 - 2017-12-19 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-19 09:24 - 2017-11-29 09:11 - 000077432 _____ C:\windows\system32\Drivers\mbae64.sys
2017-12-19 09:22 - 2017-12-19 09:22 - 000000000 ____D C:\ProgramData\MB3CoreBackup
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-12 13:35 - 2014-12-31 15:04 - 000000000 ___RD C:\gd
2018-01-12 13:32 - 2017-01-09 21:46 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2018-01-12 13:30 - 2015-01-24 14:13 - 000024800 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2018-01-12 13:30 - 2015-01-02 09:50 - 000000000 ____D C:\Users\Pedro\AppData\Local\GmailNotifierPro
2018-01-12 13:11 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-01-12 13:10 - 2014-09-26 21:37 - 000006656 _____ C:\windows\system32\VfService.trf
2018-01-12 12:48 - 2015-01-02 09:50 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2018-01-12 11:55 - 2017-04-18 21:40 - 000000416 _____ C:\windows\Tasks\update-sys.job
2018-01-12 09:38 - 2017-04-18 20:46 - 000000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2018-01-12 09:24 - 2016-06-17 14:34 - 000000000 ____D C:\FRST
2018-01-12 09:08 - 2015-01-02 17:57 - 000000000 ____D C:\=DOWNLOADS=
2018-01-12 08:58 - 2014-03-18 10:53 - 000987220 _____ C:\windows\system32\PerfStringBackup.INI
2018-01-12 08:58 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-01-11 00:09 - 2017-03-03 19:35 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\aWARemote Server
2018-01-10 23:21 - 2015-01-07 23:51 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2018-01-10 22:19 - 2015-01-02 17:53 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2018-01-10 22:16 - 2017-08-13 17:46 - 000000000 ____D C:\ProgramData\firebird
2018-01-10 17:14 - 2017-05-31 16:03 - 000004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
2018-01-10 16:46 - 2014-12-30 22:24 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2018-01-10 11:08 - 2016-12-18 13:11 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2018-01-09 20:47 - 2015-03-22 14:18 - 000004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-01-09 20:47 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-01-09 20:47 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-01-08 23:13 - 2014-09-26 20:53 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-08 23:08 - 2013-08-22 14:25 - 000524288 ___SH C:\windows\system32\config\BBI
2018-01-08 16:15 - 2017-11-19 20:18 - 000003872 _____ C:\windows\System32\Tasks\CCleaner Update
2018-01-08 16:15 - 2017-02-07 20:54 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-01-08 12:22 - 2014-12-31 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-01-06 11:30 - 2015-04-06 00:28 - 000002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-04 23:54 - 2015-01-26 12:59 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Mp3tag
2018-01-03 18:00 - 2017-03-14 22:18 - 000000290 __RSH C:\ProgramData\ntuser.pol
2018-01-03 00:23 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-01-01 18:52 - 2014-12-31 19:33 - 000000000 ____D C:\+SHARE+
2018-01-01 17:54 - 2015-03-08 17:46 - 000000132 _____ C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-12-31 10:57 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\system32\GroupPolicy
2017-12-31 10:57 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\GroupPolicy
2017-12-31 10:32 - 2014-12-30 22:18 - 000000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-12-31 10:28 - 2015-01-24 18:50 - 000000000 ____D C:\Program Files\Java
2017-12-23 17:41 - 2014-12-31 22:29 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-12-23 17:40 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-23 17:38 - 2014-12-31 22:29 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-12-23 17:37 - 2015-01-08 18:52 - 000000000 ____D C:\windows\SysWOW64\1033
2017-12-22 17:51 - 2015-08-19 19:33 - 000000000 ____D C:\Users\Pedro\Documents\Fax
2017-12-22 17:51 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\FxsTmp
2017-12-15 08:14 - 2015-01-08 19:09 - 000000000 ____D C:\Users\Pedro\AppData\Local\ElevatedDiagnostics
2017-12-15 00:15 - 2014-12-31 00:26 - 000178840 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2017-12-15 00:15 - 2014-12-31 00:26 - 000169376 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2017-12-14 10:49 - 2017-12-12 20:22 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Scanner Images
==================== Files in the root of some directories =======
2015-01-21 16:05 - 2000-06-08 14:46 - 000003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 16:05 - 2008-07-25 11:17 - 000558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 16:05 - 2008-07-25 11:17 - 000635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 18:16 - 2015-04-21 12:03 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 17:46 - 2018-01-01 17:54 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 14:13 - 2018-01-12 13:30 - 000024800 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-08-07 23:12 - 2017-11-17 21:02 - 000003584 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-18 20:02 - 2017-11-18 20:02 - 000000218 _____ () C:\Users\Pedro\AppData\Local\recently-used.xbel
2015-01-02 12:47 - 2015-01-02 12:47 - 000000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 08:08 - 2016-05-19 08:08 - 000000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 08:08 - 2017-05-08 08:26 - 000000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-01-07 12:43
==================== End of FRST.txt ============================
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://user:password@192.168.1.1/cgi-bin/online3.cgi?ifno=3
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2018-01-12]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-01-10]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2017-07-26]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Magio GO) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-05-09]
CHR Extension: (Dokumenty) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-11-08]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-13]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2017-11-12]
CHR Extension: (Push2Droid) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgneokpcgdgkphbfhcjgindnaembamlf [2017-09-13]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [492560 2018-01-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [492560 2018-01-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1526832 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [444600 2017-12-21] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe [71512 2017-11-02] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 ibtsiva; C:\windows\system32\ibtsiva.exe [184064 2017-04-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MSSQL$METREL; C:\Program Files\Microsoft SQL Server\MSSQL11.METREL\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S4 SQLAgent$METREL; C:\Program Files\Microsoft SQL Server\MSSQL11.METREL\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [178840 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [169376 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [38048 2017-06-14] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [24056 2016-01-14] ()
R0 EPMVolFlt; C:\windows\System32\drivers\EPMVolFlt.sys [20936 2017-11-23] (Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 FTDIBUS; C:\windows\system32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\windows\system32\drivers\ftser2k.sys [89800 2017-08-24] (Future Technology Devices International Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
S3 HPEWSFXBULK; C:\windows\system32\drivers\hpfx64bulk.sys [29200 2017-03-06] (Hewlett Packard)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-11] (REALiX(tm))
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [229632 2017-04-15] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-12] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3517200 2017-02-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S4 RsFx0201; C:\windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [418784 2017-02-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2017-02-14] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2017-03-12] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-12 13:31 - 2018-01-12 13:36 - 000034760 _____ C:\Users\Pedro\Desktop\FRST.txt
2018-01-12 09:27 - 2018-01-12 09:28 - 000043307 _____ C:\Users\Pedro\Desktop\Addition.txt
2018-01-12 09:06 - 2018-01-12 09:06 - 000112640 _____ (forum.viry.cz) C:\Users\Pedro\Desktop\FRSTLauncher.exe
2018-01-12 09:01 - 2018-01-12 09:01 - 002393088 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2018-01-11 18:29 - 2018-01-11 18:29 - 000000354 _____ C:\Users\Pedro\Desktop\materiál fara dec2017
2018-01-10 22:39 - 2018-01-12 13:12 - 000253880 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-01-10 18:33 - 2018-01-12 08:40 - 000000000 ____D C:\AdwCleaner
2018-01-10 17:47 - 2018-01-10 17:47 - 008198432 _____ (Malwarebytes) C:\Users\Pedro\Desktop\AdwCleaner.exe
2018-01-06 12:34 - 2018-01-06 12:50 - 000000458 _____ C:\Users\Pedro\Desktop\Sescom januar 2018.txt
2018-01-01 19:26 - 2018-01-01 19:26 - 000001365 _____ C:\Users\Public\Desktop\EaseUS Partition Master 12.8.lnk
2018-01-01 19:26 - 2018-01-01 19:26 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-01-01 19:26 - 2018-01-01 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.8
2018-01-01 19:25 - 2018-01-01 19:25 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-01-01 19:25 - 2017-12-06 12:47 - 004094608 _____ C:\windows\system32\BootMan.exe
2018-01-01 19:25 - 2017-12-06 12:47 - 003076240 _____ C:\windows\SysWOW64\BootMan.exe
2018-01-01 19:25 - 2017-12-01 16:32 - 000131728 _____ C:\windows\system32\setupempdrvx64.exe
2018-01-01 19:25 - 2017-11-23 11:47 - 000020936 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\EPMVolFlt.sys
2018-01-01 19:25 - 2017-11-23 11:47 - 000020936 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\Drivers\EPMVolFlt.sys
2018-01-01 19:25 - 2016-07-11 10:01 - 000010848 _____ C:\windows\system32\EuGdiDrv.sys
2018-01-01 19:25 - 2016-01-14 10:05 - 000024056 _____ C:\windows\system32\epmntdrv.sys
2018-01-01 19:25 - 2014-11-18 14:46 - 000021088 _____ C:\windows\SysWOW64\EuEpmGdi.dll
2018-01-01 19:25 - 2014-11-18 14:46 - 000017504 _____ C:\windows\system32\EuEpmGdi.dll
2017-12-31 22:55 - 2017-12-31 22:56 - 000001398 _____ C:\Users\Pedro\Desktop\rufus-2.12.lnk
2017-12-31 11:00 - 2017-12-31 11:00 - 000000000 ____D C:\windows\SysWOW64\rufus_files
2017-12-31 10:41 - 2017-12-31 10:40 - 000111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2017-12-31 10:29 - 2017-12-31 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-12-30 17:13 - 2017-12-30 17:14 - 000000000 ___HD C:\$SysReset
2017-12-29 20:02 - 2017-12-29 18:12 - 000014060 ____N C:\Users\Pedro\Desktop\aa_skin_values.night.lua
2017-12-29 19:58 - 2017-12-29 18:12 - 000013970 ____N C:\Users\Pedro\Desktop\aa_skin_values.day.lua
2017-12-23 18:13 - 2017-12-23 18:13 - 000000000 ____D C:\windows\LastGood.Tmp
2017-12-23 18:03 - 2017-12-23 18:03 - 000000000 ____D C:\Users\Pedro\AppData\Local\Metrel_d.d
2017-12-23 17:56 - 2017-12-23 17:57 - 000000000 ____D C:\Program Files (x86)\Metrel
2017-12-23 17:56 - 2017-12-23 17:56 - 000001952 _____ C:\Users\Public\Desktop\Metrel PATLink PRO.lnk
2017-12-23 17:56 - 2017-12-23 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metrel
2017-12-23 17:43 - 2012-02-11 19:02 - 000045656 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-MSSQL11.METREL-sqlagtctr.dll
2017-12-23 17:43 - 2012-02-11 17:44 - 000054360 _____ (Microsoft Corporation) C:\windows\system32\perf-MSSQL11.METREL-sqlagtctr.dll
2017-12-23 17:42 - 2012-02-11 19:03 - 000082520 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-MSSQL$METREL-sqlctr11.1.3000.0.dll
2017-12-23 17:42 - 2012-02-11 17:46 - 000180312 _____ (Microsoft Corporation) C:\windows\system32\hadrres.dll
2017-12-23 17:42 - 2012-02-11 17:46 - 000082520 _____ (Microsoft Corporation) C:\windows\system32\fssres.dll
2017-12-23 17:42 - 2012-02-11 17:44 - 000095832 _____ (Microsoft Corporation) C:\windows\system32\perf-MSSQL$METREL-sqlctr11.1.3000.0.dll
2017-12-23 17:39 - 2017-12-23 17:39 - 000000000 ____D C:\windows\system32\RsFx
2017-12-23 17:38 - 2017-12-23 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2017-12-23 17:37 - 2017-12-23 17:37 - 000000000 ____D C:\windows\system32\1033
2017-12-23 17:28 - 2017-12-23 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2017-12-19 09:24 - 2017-12-19 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-19 09:24 - 2017-11-29 09:11 - 000077432 _____ C:\windows\system32\Drivers\mbae64.sys
2017-12-19 09:22 - 2017-12-19 09:22 - 000000000 ____D C:\ProgramData\MB3CoreBackup
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-12 13:35 - 2014-12-31 15:04 - 000000000 ___RD C:\gd
2018-01-12 13:32 - 2017-01-09 21:46 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2018-01-12 13:30 - 2015-01-24 14:13 - 000024800 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2018-01-12 13:30 - 2015-01-02 09:50 - 000000000 ____D C:\Users\Pedro\AppData\Local\GmailNotifierPro
2018-01-12 13:11 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-01-12 13:10 - 2014-09-26 21:37 - 000006656 _____ C:\windows\system32\VfService.trf
2018-01-12 12:48 - 2015-01-02 09:50 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2018-01-12 11:55 - 2017-04-18 21:40 - 000000416 _____ C:\windows\Tasks\update-sys.job
2018-01-12 09:38 - 2017-04-18 20:46 - 000000406 _____ C:\windows\Tasks\update-S-1-5-21-2121847970-1608828601-3914908799-1001.job
2018-01-12 09:24 - 2016-06-17 14:34 - 000000000 ____D C:\FRST
2018-01-12 09:08 - 2015-01-02 17:57 - 000000000 ____D C:\=DOWNLOADS=
2018-01-12 08:58 - 2014-03-18 10:53 - 000987220 _____ C:\windows\system32\PerfStringBackup.INI
2018-01-12 08:58 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-01-11 00:09 - 2017-03-03 19:35 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\aWARemote Server
2018-01-10 23:21 - 2015-01-07 23:51 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\MPC-HC
2018-01-10 22:19 - 2015-01-02 17:53 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2018-01-10 22:16 - 2017-08-13 17:46 - 000000000 ____D C:\ProgramData\firebird
2018-01-10 17:14 - 2017-05-31 16:03 - 000004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
2018-01-10 16:46 - 2014-12-30 22:24 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2018-01-10 11:08 - 2016-12-18 13:11 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2018-01-09 20:47 - 2015-03-22 14:18 - 000004288 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-01-09 20:47 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-01-09 20:47 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-01-08 23:13 - 2014-09-26 20:53 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-08 23:08 - 2013-08-22 14:25 - 000524288 ___SH C:\windows\system32\config\BBI
2018-01-08 16:15 - 2017-11-19 20:18 - 000003872 _____ C:\windows\System32\Tasks\CCleaner Update
2018-01-08 16:15 - 2017-02-07 20:54 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-01-08 12:22 - 2014-12-31 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-01-06 11:30 - 2015-04-06 00:28 - 000002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-04 23:54 - 2015-01-26 12:59 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Mp3tag
2018-01-03 18:00 - 2017-03-14 22:18 - 000000290 __RSH C:\ProgramData\ntuser.pol
2018-01-03 00:23 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-01-01 18:52 - 2014-12-31 19:33 - 000000000 ____D C:\+SHARE+
2018-01-01 17:54 - 2015-03-08 17:46 - 000000132 _____ C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-12-31 10:57 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\system32\GroupPolicy
2017-12-31 10:57 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\GroupPolicy
2017-12-31 10:32 - 2014-12-30 22:18 - 000000000 ____D C:\Users\Pedro\AppData\Local\Packages
2017-12-31 10:28 - 2015-01-24 18:50 - 000000000 ____D C:\Program Files\Java
2017-12-23 17:41 - 2014-12-31 22:29 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-12-23 17:40 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-23 17:38 - 2014-12-31 22:29 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-12-23 17:37 - 2015-01-08 18:52 - 000000000 ____D C:\windows\SysWOW64\1033
2017-12-22 17:51 - 2015-08-19 19:33 - 000000000 ____D C:\Users\Pedro\Documents\Fax
2017-12-22 17:51 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\FxsTmp
2017-12-15 08:14 - 2015-01-08 19:09 - 000000000 ____D C:\Users\Pedro\AppData\Local\ElevatedDiagnostics
2017-12-15 00:15 - 2014-12-31 00:26 - 000178840 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2017-12-15 00:15 - 2014-12-31 00:26 - 000169376 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2017-12-14 10:49 - 2017-12-12 20:22 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Scanner Images
==================== Files in the root of some directories =======
2015-01-21 16:05 - 2000-06-08 14:46 - 000003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 16:05 - 2008-07-25 11:17 - 000558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 16:05 - 2008-07-25 11:17 - 000635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 18:16 - 2015-04-21 12:03 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 17:46 - 2018-01-01 17:54 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 14:13 - 2018-01-12 13:30 - 000024800 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-08-07 23:12 - 2017-11-17 21:02 - 000003584 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-18 20:02 - 2017-11-18 20:02 - 000000218 _____ () C:\Users\Pedro\AppData\Local\recently-used.xbel
2015-01-02 12:47 - 2015-01-02 12:47 - 000000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 08:08 - 2016-05-19 08:08 - 000000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 08:08 - 2017-05-08 08:26 - 000000425 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-01-07 12:43
==================== End of FRST.txt ============================