Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Potenciální nebezpečí, prosím o pomoc

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Potenciální nebezpečí, prosím o pomoc

#1 Příspěvek od Hugo111 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Ran by Bender (16-05-2018 17:58:34)
Running from D:\Staženo
Windows 10 Pro Version 1709 16299.371 (X64) (2018-01-24 08:32:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1516928578-2532743376-384880014-500 - Administrator - Disabled)
Bender (S-1-5-21-1516928578-2532743376-384880014-1001 - Administrator - Enabled) => C:\Users\Bender
DefaultAccount (S-1-5-21-1516928578-2532743376-384880014-503 - Limited - Disabled)
Guest (S-1-5-21-1516928578-2532743376-384880014-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1516928578-2532743376-384880014-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
Fallout 4 - Čeština (HKLM-x32\...\{980A3524-F865-4EA3-8486-FBF16D9FFCE4}) (Version: 0.9.2 - Fallout 4 - Čeština)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.27.5284 - GOM & Company)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 60.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 60.0 (x86 en-US)) (Version: 60.0 - Mozilla)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1919.119 - Trusteer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1919.119 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D8AE85-677A-4520-B942-79ABA442CD5D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {09C0A29B-B966-4CF7-9CBD-57A960F1A752} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-14] (AVAST Software)
Task: {0ED7D739-9AEB-4E83-BA65-D12C0DB424ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {17AEA478-2D7E-48E8-A522-4BB9ECEEAB60} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {1AE1819C-50BE-4E18-9CC5-25CE5741E6CB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {1CCB0EC2-24CF-49C1-A092-9A5195BCDA4C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {26EFDE3D-2E4C-4174-B268-BA32CC1E5DDB} - System32\Tasks\S-1-5-21-1516928578-2532743376-384880014-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {41B87812-5E1E-49FA-B114-ECBBE2FF62B2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {41C6F13F-D276-43E5-B90B-F8B79CF8F398} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {58B57074-C14C-4249-910C-25C6E66A2B40} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {66220572-36D6-4FC1-8817-D456D87C22F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-15] (AVAST Software)
Task: {6A6E895B-FAF4-47C2-88A6-80ED575D1F41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {7629318C-D588-43B4-A550-44F700CA9CF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {7641C45F-52B7-4D38-86F7-1E4C18629B35} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
Task: {8A678F1D-B054-45B3-8D11-3BD0676BCD61} - System32\Tasks\Driver Booster SkipUAC (Bender) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {93331CB7-DB10-4622-A5DE-7A3078AE32D6} - System32\Tasks\Uninstaller_SkipUac_Bender => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-03-28] (IObit)
Task: {A180546E-A4ED-4A01-A541-170315D6A34A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {BE3F4F59-8EB2-4C29-A1CE-00CECB5AE07F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {F0528A06-4965-413E-A40F-DE68A4577012} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-30 11:11 - 2017-05-14 21:48 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-01-29 15:43 - 2018-03-14 15:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-16 17:40 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-05-16 17:40 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-14 10:56 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 10:56 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-03 16:39 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-06-03 16:39 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-03 16:39 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-01-29 15:43 - 2018-03-14 15:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-14 21:32 - 2018-05-14 21:32 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-01-29 15:43 - 2018-03-14 15:04 - 081563584 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-15 20:54 - 2018-03-14 15:04 - 002478016 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-15 20:54 - 2018-03-14 15:04 - 000125376 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-04-25 11:48 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-06-03 16:39 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2016-06-03 16:39 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-10-14 17:25 - 2018-04-13 09:03 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Control Panel\Desktop\\Wallpaper -> d:\foto\3d\stretched-249788.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite Automount =>
MSCONFIG\startupreg: OneDrive =>
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607\amd64"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{44999D66-721E-4081-9CA7-21291EC27DDD}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8EC91400-657A-4C16-87E1-14D4501AED64}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{6D39F91E-0BC4-4ED1-8B3D-BE09ADDBEC78}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{354FFC30-99E2-43D7-BE3E-FA093FF1D065}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{6200E2FD-84B9-4A87-B51C-7483B06E0703}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [TCP Query User{46B09289-2C67-423D-A9F6-5ED2A3A1BB90}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [{AA5B2D93-8686-4476-BD27-6B1798393DF2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{33EF6988-E674-4F32-83DC-88A079F14093}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{13106448-6E98-43FB-8A55-03ED88019B65}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{8D2F6EA2-D2E2-4C0F-B021-A123E86B47A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{06292264-098E-4D7B-B2C4-8BA118AAC9B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4BC6F340-4ADF-4617-BEBF-040E4A68E8E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7A409E0A-1E91-4874-9A75-B0AE29CA8C59}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7B94DA6A-5989-468F-8303-B551103B11CB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{2D8E153E-359E-407E-AB6F-2C36E698577F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{42A9C047-C727-4316-9526-77079D5364E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{DFDF6E49-4B00-4FF0-85A8-987535101D0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{BD8E31EC-4867-4073-A888-24B0202A60D6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{3515770B-663F-4361-AC10-F9AADF93FA1C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [UDP Query User{D45068D7-08B6-47CE-9A6D-BE2777514288}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E1CD92E5-E80D-4609-BE33-F3E862BE762C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F29F9D5A-26A0-40D9-8152-24E1A63F7601}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BFFEFC84-5CC0-468A-A2CF-DC22F0716B49}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{61994760-8C79-4179-8901-E7347AB3F6D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A2B4AEB4-6F50-4378-8B7C-B5BE876DF14A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [UDP Query User{F8C1939D-A53F-4B3F-9089-1C38C8854FFA}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [TCP Query User{51F4D50E-647B-4028-8542-72193E80707B}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [{D069EBB0-5A48-4863-86C4-51C614BFD188}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5EE2D73D-5756-4C8C-9515-F21C52A9F9DB}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{AAE38085-57E0-4690-BE96-CB17424567E6}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{42B8DA41-6101-4916-9AD9-16A9F32F27BC}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B19990AA-9635-42A7-9182-58B9FEB650E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56E69D23-3CBF-4F9C-B1F5-1CAD7B64ACF3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{5E6E7149-D0A8-49CC-8DB2-0CF88C738404}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0319C74A-688F-4A0F-AF66-9E52846CA8E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60EF214-1CAB-4A00-84F0-97ECFFAB7458}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D8C21FC0-C921-4274-94F5-CBC4CDFFCB0A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E7663570-99B8-4A08-91BD-80C3B3246115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{409F8A3F-BB6F-4732-A658-4EED1A3CFF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EEBE9890-6731-4970-AEFB-585769C82F01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DDBEBDF1-6455-47E6-9DBC-72325631FA47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0B98CDF-9188-47EF-A8F1-A7ADAFA2AF80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F03E7C5-F111-4622-ACC6-58494C6AB32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C884D40-0EAD-4C7D-9AA1-7A0F2DBF7029}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{15474BFB-EF16-4AA8-B595-5EE6E46E328D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{49263828-1CFC-41ED-8F9B-7D378522A321}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{63C83012-2760-472B-9484-9C5044B22ECE}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{343B2D30-775D-4542-9EA4-0F2148A710FD}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{C2A6DE3A-C55F-4085-958A-3EA91D9D1EA3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{04C9F88F-1DC9-4AB7-AD3B-A8B69B217D99}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{24AAB8C5-C809-4E79-92BA-EC9F8E40F5FA}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{76A0E705-1A24-419B-A471-B8044BD20CB7}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D5CF4331-B06C-4798-9507-C8C31230E9F2}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D8C67E7-4F87-4117-820E-901FE996DB91}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6D368595-4057-483C-81DC-B87A03BEE544}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4C82C9CC-505F-46DC-B35A-659851346C56}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{10192150-DB05-4365-AB1F-47BBD7EC93FE}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AEB4F2B8-C823-4F0D-B6CD-FC8122AA5FF8}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{099D62FB-9D0E-4FA0-9E08-277441D7079C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D26D8D8-6001-40FB-9881-32D8CC385EB6}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{DB0CE48F-2029-4CE1-B6B9-EE1127ABA299}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [UDP Query User{9CB48D83-235B-4FC3-8052-E009579E8E64}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [TCP Query User{8B91B245-D860-466F-A829-14AD0F97AE0C}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{F031254B-2E9C-46C9-922E-AE7A84FAC880}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [{F74DD8F3-CAB8-4888-A9AB-838556CD7125}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2EF454F9-0085-460D-BC32-3B1CE3CE13CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{823A518A-DF50-4708-9194-49E6B0BD7DC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{03AF92B1-1A2A-49B0-B38E-882B7EF4979E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{231094DE-24C4-4A38-9B3D-4BCC984F93F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D1D3C3B9-CC65-4DB3-89A8-54D4841CC17D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2018 08:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wuauserv, verze: 10.0.16299.15, časové razítko: 0x9c786b9a
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.334, časové razítko: 0xe508fc03
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004bf1b
ID chybujícího procesu: 0xa0c
Čas spuštění chybující aplikace: 0x01d3eb72b56bb171
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 258fdb14-edf0-42c4-b9c7-df6dd274108f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/10/2018 09:24:16 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/17/2018 09:13:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/16/2018 03:27:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/15/2018 08:28:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/13/2018 10:19:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/12/2018 11:05:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program adwcleaner_7.0.8.0.exe verze 7.0.8.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2734

Čas spuštění: 01d3d23d0806ba45

Čas ukončení: 20

Cesta k aplikaci: C:\Users\Bender\Desktop\adwcleaner_7.0.8.0.exe

ID hlášení: 5ea1faf6-aba8-4763-83fb-08e5afab5d3f

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/11/2018 09:33:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (05/16/2018 05:45:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/16/2018 05:45:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (05/16/2018 05:39:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/16/2018 05:39:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (05/16/2018 05:38:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/16/2018 05:38:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (05/16/2018 05:38:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba IObit Uninstaller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/16/2018 05:38:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rapport Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 27%
Total physical RAM: 8189.24 MB
Available physical RAM: 5929.7 MB
Total Virtual: 10749.24 MB
Available Virtual: 8103.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:75.59 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:195.49 GB) NTFS

\\?\Volume{99474600-2572-11e6-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{d08e5fa2-0000-0000-0000-50b31d000000}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: D08E5FA2)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 350A3509)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#2 Příspěvek od Hugo111 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
Ran by Bender (administrator) on MACHINAMANIFIKA (16-05-2018 17:57:33)
Running from D:\Staženo
Loaded Profiles: Bender (Available Profiles: Bender)
Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-09-30] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-14] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9d91fb0c-9262-43e2-8167-6f58aa59ef10}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131447556187635604&GUID=6546327C-DA7C-4125-A3AF-28646B82BC7B
SearchScopes: HKU\S-1-5-21-1516928578-2532743376-384880014-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170717__yaie&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-14] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 0dwf6kv4.default
FF ProfilePath: C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default [2018-05-16]
FF user.js: detected! => C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\user.js [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\0dwf6kv4.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\0dwf6kv4.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10405__170717__yaff
FF Session Restore: Mozilla\Firefox\Profiles\0dwf6kv4.default -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Bender\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2018-05-14]
FF Extension: (Avast Passwords) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2018-04-11]
FF Extension: (Avast SafePrice) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\sp@avast.com.xpi [2018-03-08]
FF Extension: (Avast Online Security) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Adblock Plus) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-04-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Bender\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-14] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-14] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-14] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-08] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2158912 2018-03-19] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3028808 2018-03-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-05-14] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5253624 2018-04-29] (IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2018-01-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2016-05-29] (Advanced Micro Devices Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-14] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-14] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-14] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-14] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-01] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-05-29] (REALiX(tm))
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-16] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-16] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [496744 2018-04-29] (IBM Corp.)
R1 RapportCerberus_1919106; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1919106.sys [1645288 2018-05-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [712488 2018-04-29] (IBM Corp.)
S3 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [340904 2018-04-29] (IBM Corp.)
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [605160 2018-04-29] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [751976 2018-04-29] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-26] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S1 ntknsv; \SystemRoot\System32\drivers\ntknsv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-16 17:40 - 2018-05-16 17:44 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-16 17:40 - 2018-05-16 17:44 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-16 17:40 - 2018-05-16 17:44 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-16 17:40 - 2018-05-16 17:44 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-16 17:40 - 2018-05-16 17:40 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-16 17:40 - 2018-05-16 17:40 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-16 17:40 - 2018-05-16 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-16 17:40 - 2018-05-16 17:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-16 17:40 - 2018-05-16 17:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-16 17:40 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-15 20:54 - 2018-05-15 20:54 - 000004088 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-14 21:32 - 2018-05-14 21:32 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-14 21:22 - 2018-05-14 21:22 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-08 10:36 - 2018-05-08 10:40 - 000000000 ____D C:\Users\Bender\Documents\DayZ
2018-05-08 10:36 - 2018-05-08 10:40 - 000000000 ____D C:\Users\Bender\AppData\Local\DayZ
2018-04-25 11:49 - 2018-04-25 11:49 - 000001447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-16 17:57 - 2018-04-11 11:19 - 000000000 ____D C:\FRST
2018-05-16 17:57 - 2016-11-18 18:14 - 000000000 ____D C:\Users\Bender\AppData\LocalLow\Mozilla
2018-05-16 17:50 - 2018-01-24 10:33 - 003008326 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-16 17:50 - 2017-09-30 16:30 - 001376750 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-16 17:50 - 2017-09-30 16:30 - 000343374 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-16 17:45 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-16 17:44 - 2018-01-24 10:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-16 17:44 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-16 17:38 - 2018-01-24 10:23 - 000000000 ____D C:\Users\Bender
2018-05-16 17:38 - 2016-05-29 10:43 - 000000000 ____D C:\Users\Bender\AppData\Roaming\IObit
2018-05-16 17:37 - 2018-04-11 13:23 - 000000000 ____D C:\AdwCleaner
2018-05-16 17:27 - 2018-01-24 10:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-16 17:27 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-05-15 21:00 - 2016-12-26 12:05 - 000000000 ____D C:\Users\Bender\AppData\Roaming\ObviousIdea
2018-05-15 20:55 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-15 20:55 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-15 20:55 - 2017-01-29 15:43 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-05-15 20:54 - 2018-01-24 10:30 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-15 20:15 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-15 20:10 - 2018-01-23 16:53 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-15 19:54 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-15 19:33 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-15 19:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-14 21:45 - 2017-10-05 17:47 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-05-14 21:45 - 2017-10-05 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-14 21:45 - 2017-10-05 17:47 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-14 21:32 - 2018-01-24 10:30 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-14 21:32 - 2018-01-23 19:07 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-14 21:32 - 2017-10-05 12:42 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-14 21:31 - 2018-01-24 10:30 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-05-14 21:31 - 2016-10-02 18:59 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-14 21:31 - 2016-05-29 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-10 22:28 - 2017-07-25 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2018-05-10 10:57 - 2016-05-29 10:44 - 000000000 ____D C:\ProgramData\ProductData
2018-05-10 09:24 - 2016-05-29 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 09:21 - 2017-10-11 19:01 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 09:21 - 2016-05-29 11:41 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-08 11:37 - 2018-03-14 10:43 - 000004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-08 11:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-08 11:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-08 10:06 - 2016-05-29 18:51 - 000000000 ____D C:\Users\Bender\Documents\The Witcher 3
2018-05-06 12:02 - 2016-05-29 19:34 - 000000000 ____D C:\Users\Bender\AppData\Local\NVIDIA Corporation
2018-05-03 20:54 - 2016-06-06 16:23 - 000000000 ____D C:\Users\Bender\Documents\My Games
2018-05-03 20:53 - 2016-06-01 12:00 - 000000000 ____D C:\ProgramData\kb
2018-04-29 22:19 - 2018-01-23 19:07 - 000340904 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2018-04-29 22:19 - 2017-07-25 15:11 - 000605160 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2018-04-25 11:50 - 2016-05-29 10:43 - 000000000 ____D C:\Program Files (x86)\IObit
2018-04-25 11:49 - 2016-06-03 16:39 - 000001435 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-04-25 11:49 - 2016-06-03 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-04-25 11:48 - 2016-05-29 10:43 - 000000000 ____D C:\ProgramData\IObit
2018-04-23 10:53 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2017-05-14 22:57 - 2017-05-14 22:57 - 000140800 _____ () C:\Users\Bender\AppData\Local\installer.dat
2017-09-30 19:42 - 2017-09-30 21:07 - 000007598 _____ () C:\Users\Bender\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 19:38

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Potenciální nebezpečí, prosím o pomoc

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#4 Příspěvek od Hugo111 »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 16.05.18
Čas skenování: 17:41
Logovací soubor: 89ba6d96-591f-11e8-8fda-50e549caf687.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.365
Aktualizovat verzi balíku komponent: 1.0.5132
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 16299.371)
CPU: x64
Systém souborů: NTFS
Uživatel: MACHINAMANIFIKA\Bender

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 296295
Zjištěné hrozby: 11
Hrozby umístěné do karantény: 11
Uplynulý čas: 2 min, 10 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 3
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1516928578-2532743376-384880014-1001\CONSOLE\TASKENG.EXE, V karanténě, [6478], [425125],1.0.5132
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1516928578-2532743376-384880014-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, V karanténě, [6478], [425124],1.0.5132
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\BESTZIpperUnique, V karanténě, [2972], [484522],1.0.5132

Hodnota v registru: 3
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1516928578-2532743376-384880014-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, V karanténě, [6478], [425125],1.0.5132
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1516928578-2532743376-384880014-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, V karanténě, [6478], [425126],1.0.5132
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1516928578-2532743376-384880014-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, V karanténě, [6478], [425124],1.0.5132

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.ChinAd, C:\USERS\BENDER\APPDATA\LOCAL\HTYH, V karanténě, [1542], [421129],1.0.5132
PUP.Optional.ChinAd, C:\Users\Bender\AppData\LocalLow\htyh\config, V karanténě, [1542], [421130],1.0.5132
PUP.Optional.ChinAd, C:\USERS\BENDER\APPDATA\LOCALLOW\HTYH, V karanténě, [1542], [421130],1.0.5132

Soubor: 2
PUP.Optional.ChinAd, C:\Users\Bender\AppData\LocalLow\htyh\config\baseData.cfg, V karanténě, [1542], [421130],1.0.5132
PUP.Optional.ChinAd, C:\Users\Bender\AppData\LocalLow\htyh\config\htbusiness.cfg, V karanténě, [1542], [421130],1.0.5132

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Potenciální nebezpečí, prosím o pomoc

#5 Příspěvek od Rudy »

V ADW ještě klikněte na mazání, restartujte a dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#6 Příspěvek od Hugo111 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Bender (16-05-2018 21:21:49)
Running from C:\Users\Bender\Desktop
Windows 10 Pro Version 1709 16299.371 (X64) (2018-01-24 08:32:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1516928578-2532743376-384880014-500 - Administrator - Disabled)
Bender (S-1-5-21-1516928578-2532743376-384880014-1001 - Administrator - Enabled) => C:\Users\Bender
DefaultAccount (S-1-5-21-1516928578-2532743376-384880014-503 - Limited - Disabled)
Guest (S-1-5-21-1516928578-2532743376-384880014-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1516928578-2532743376-384880014-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
Fallout 4 - Čeština (HKLM-x32\...\{980A3524-F865-4EA3-8486-FBF16D9FFCE4}) (Version: 0.9.2 - Fallout 4 - Čeština)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.27.5284 - GOM & Company)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 60.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 60.0 (x86 en-US)) (Version: 60.0 - Mozilla)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1919.119 - Trusteer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1919.119 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D8AE85-677A-4520-B942-79ABA442CD5D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {09C0A29B-B966-4CF7-9CBD-57A960F1A752} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-14] (AVAST Software)
Task: {0ED7D739-9AEB-4E83-BA65-D12C0DB424ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {17AEA478-2D7E-48E8-A522-4BB9ECEEAB60} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {1AE1819C-50BE-4E18-9CC5-25CE5741E6CB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {1CCB0EC2-24CF-49C1-A092-9A5195BCDA4C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {26EFDE3D-2E4C-4174-B268-BA32CC1E5DDB} - System32\Tasks\S-1-5-21-1516928578-2532743376-384880014-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {41B87812-5E1E-49FA-B114-ECBBE2FF62B2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {41C6F13F-D276-43E5-B90B-F8B79CF8F398} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {58B57074-C14C-4249-910C-25C6E66A2B40} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {66220572-36D6-4FC1-8817-D456D87C22F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-15] (AVAST Software)
Task: {6A6E895B-FAF4-47C2-88A6-80ED575D1F41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {7629318C-D588-43B4-A550-44F700CA9CF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {7641C45F-52B7-4D38-86F7-1E4C18629B35} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
Task: {8A678F1D-B054-45B3-8D11-3BD0676BCD61} - System32\Tasks\Driver Booster SkipUAC (Bender) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {93331CB7-DB10-4622-A5DE-7A3078AE32D6} - System32\Tasks\Uninstaller_SkipUac_Bender => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-03-28] (IObit)
Task: {A180546E-A4ED-4A01-A541-170315D6A34A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {BE3F4F59-8EB2-4C29-A1CE-00CECB5AE07F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {F0528A06-4965-413E-A40F-DE68A4577012} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-16 17:40 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-16 17:40 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-01-29 15:43 - 2018-03-14 15:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-30 11:11 - 2017-05-14 21:48 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-14 10:56 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 10:56 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-03 16:39 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-06-03 16:39 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-03 16:39 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-01-29 15:43 - 2018-03-14 15:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-14 21:32 - 2018-05-14 21:32 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-01-29 15:43 - 2018-03-14 15:04 - 081563584 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-15 20:54 - 2018-03-14 15:04 - 002478016 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-15 20:54 - 2018-03-14 15:04 - 000125376 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-04-25 11:48 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-06-03 16:39 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2016-06-03 16:39 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-10-14 17:25 - 2018-04-13 09:03 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Control Panel\Desktop\\Wallpaper -> d:\foto\3d\stretched-249788.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite Automount =>
MSCONFIG\startupreg: OneDrive =>
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607\amd64"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{44999D66-721E-4081-9CA7-21291EC27DDD}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8EC91400-657A-4C16-87E1-14D4501AED64}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{6D39F91E-0BC4-4ED1-8B3D-BE09ADDBEC78}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{354FFC30-99E2-43D7-BE3E-FA093FF1D065}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{6200E2FD-84B9-4A87-B51C-7483B06E0703}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [TCP Query User{46B09289-2C67-423D-A9F6-5ED2A3A1BB90}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [{AA5B2D93-8686-4476-BD27-6B1798393DF2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{33EF6988-E674-4F32-83DC-88A079F14093}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{13106448-6E98-43FB-8A55-03ED88019B65}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{8D2F6EA2-D2E2-4C0F-B021-A123E86B47A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{06292264-098E-4D7B-B2C4-8BA118AAC9B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4BC6F340-4ADF-4617-BEBF-040E4A68E8E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7A409E0A-1E91-4874-9A75-B0AE29CA8C59}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7B94DA6A-5989-468F-8303-B551103B11CB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{2D8E153E-359E-407E-AB6F-2C36E698577F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{42A9C047-C727-4316-9526-77079D5364E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{DFDF6E49-4B00-4FF0-85A8-987535101D0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{BD8E31EC-4867-4073-A888-24B0202A60D6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{3515770B-663F-4361-AC10-F9AADF93FA1C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [UDP Query User{D45068D7-08B6-47CE-9A6D-BE2777514288}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E1CD92E5-E80D-4609-BE33-F3E862BE762C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F29F9D5A-26A0-40D9-8152-24E1A63F7601}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BFFEFC84-5CC0-468A-A2CF-DC22F0716B49}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{61994760-8C79-4179-8901-E7347AB3F6D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A2B4AEB4-6F50-4378-8B7C-B5BE876DF14A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [UDP Query User{F8C1939D-A53F-4B3F-9089-1C38C8854FFA}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [TCP Query User{51F4D50E-647B-4028-8542-72193E80707B}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [{D069EBB0-5A48-4863-86C4-51C614BFD188}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5EE2D73D-5756-4C8C-9515-F21C52A9F9DB}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{AAE38085-57E0-4690-BE96-CB17424567E6}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{42B8DA41-6101-4916-9AD9-16A9F32F27BC}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B19990AA-9635-42A7-9182-58B9FEB650E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56E69D23-3CBF-4F9C-B1F5-1CAD7B64ACF3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{5E6E7149-D0A8-49CC-8DB2-0CF88C738404}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0319C74A-688F-4A0F-AF66-9E52846CA8E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60EF214-1CAB-4A00-84F0-97ECFFAB7458}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D8C21FC0-C921-4274-94F5-CBC4CDFFCB0A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E7663570-99B8-4A08-91BD-80C3B3246115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{409F8A3F-BB6F-4732-A658-4EED1A3CFF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DDBEBDF1-6455-47E6-9DBC-72325631FA47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0B98CDF-9188-47EF-A8F1-A7ADAFA2AF80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F03E7C5-F111-4622-ACC6-58494C6AB32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C884D40-0EAD-4C7D-9AA1-7A0F2DBF7029}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{15474BFB-EF16-4AA8-B595-5EE6E46E328D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{49263828-1CFC-41ED-8F9B-7D378522A321}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{63C83012-2760-472B-9484-9C5044B22ECE}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{343B2D30-775D-4542-9EA4-0F2148A710FD}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F74DD8F3-CAB8-4888-A9AB-838556CD7125}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2EF454F9-0085-460D-BC32-3B1CE3CE13CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{823A518A-DF50-4708-9194-49E6B0BD7DC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{03AF92B1-1A2A-49B0-B38E-882B7EF4979E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{231094DE-24C4-4A38-9B3D-4BCC984F93F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D1D3C3B9-CC65-4DB3-89A8-54D4841CC17D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2018 06:08:20 PM) (Source: MsiInstaller) (EventID: 1013) (User: MACHINAMANIFIKA)
Description: Produkt: Rapport -- V systému je již instalována novější verze produktu Ochrana koncového bodu Trusteer. Pokud opravdu chcete pokračovat, odinstalujte produkt Ochrana koncového bodu Trusteer a pak znovu spusťte tuto instalaci.

Error: (05/14/2018 08:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wuauserv, verze: 10.0.16299.15, časové razítko: 0x9c786b9a
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.334, časové razítko: 0xe508fc03
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004bf1b
ID chybujícího procesu: 0xa0c
Čas spuštění chybující aplikace: 0x01d3eb72b56bb171
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 258fdb14-edf0-42c4-b9c7-df6dd274108f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/10/2018 09:24:16 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/17/2018 09:13:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/16/2018 03:27:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/15/2018 08:28:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/13/2018 10:19:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.

Error: (04/12/2018 11:05:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program adwcleaner_7.0.8.0.exe verze 7.0.8.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2734

Čas spuštění: 01d3d23d0806ba45

Čas ukončení: 20

Cesta k aplikaci: C:\Users\Bender\Desktop\adwcleaner_7.0.8.0.exe

ID hlášení: 5ea1faf6-aba8-4763-83fb-08e5afab5d3f

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (05/16/2018 09:21:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8007371b): 2018-05 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1709 pro systémy typu x64 (KB4103729).

Error: (05/16/2018 09:18:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/16/2018 09:18:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (05/16/2018 09:10:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2018 08:17:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/16/2018 08:17:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (05/16/2018 08:14:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rapport Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/16/2018 08:14:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 29%
Total physical RAM: 8189.24 MB
Available physical RAM: 5789.86 MB
Total Virtual: 10749.24 MB
Available Virtual: 8423.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:72.12 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:196.25 GB) NTFS

\\?\Volume{99474600-2572-11e6-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{d08e5fa2-0000-0000-0000-50b31d000000}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: D08E5FA2)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 350A3509)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#7 Příspěvek od Hugo111 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Bender (administrator) on MACHINAMANIFIKA (16-05-2018 21:20:39)
Running from C:\Users\Bender\Desktop
Loaded Profiles: Bender (Available Profiles: Bender)
Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-09-30] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-14] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9d91fb0c-9262-43e2-8167-6f58aa59ef10}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131447556187635604&GUID=6546327C-DA7C-4125-A3AF-28646B82BC7B
SearchScopes: HKU\S-1-5-21-1516928578-2532743376-384880014-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170717__yaie&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-14] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 0dwf6kv4.default
FF ProfilePath: C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default [2018-05-16]
FF user.js: detected! => C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\user.js [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\0dwf6kv4.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\0dwf6kv4.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10405__170717__yaff
FF Session Restore: Mozilla\Firefox\Profiles\0dwf6kv4.default -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Bender\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2018-05-14]
FF Extension: (Avast Passwords) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2018-04-11]
FF Extension: (Avast SafePrice) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\sp@avast.com.xpi [2018-05-16]
FF Extension: (Avast Online Security) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Adblock Plus) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Bender\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-14] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-14] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-14] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-08] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2158912 2018-03-19] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3028808 2018-03-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-05-14] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5253624 2018-04-29] (IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2018-01-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2016-05-29] (Advanced Micro Devices Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-14] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-14] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-14] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-14] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-01] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-05-29] (REALiX(tm))
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-16] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-16] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [496744 2018-04-29] (IBM Corp.)
R1 RapportCerberus_1919106; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1919106.sys [1645288 2018-05-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [712488 2018-04-29] (IBM Corp.)
S3 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [340904 2018-04-29] (IBM Corp.)
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [605160 2018-04-29] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [751976 2018-04-29] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-26] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S1 ntknsv; \SystemRoot\System32\drivers\ntknsv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-16 21:20 - 2018-05-16 21:21 - 000015355 _____ C:\Users\Bender\Desktop\FRST.txt
2018-05-16 21:20 - 2018-05-16 21:20 - 002413056 _____ (Farbar) C:\Users\Bender\Desktop\FRST64.exe
2018-05-16 20:12 - 2018-05-16 20:12 - 007271632 _____ (Malwarebytes) C:\Users\Bender\Desktop\AdwCleaner.exe
2018-05-16 17:40 - 2018-05-16 21:18 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-16 17:40 - 2018-05-16 21:18 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-16 17:40 - 2018-05-16 21:18 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-16 17:40 - 2018-05-16 21:18 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-16 17:40 - 2018-05-16 17:40 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-16 17:40 - 2018-05-16 17:40 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-16 17:40 - 2018-05-16 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-16 17:40 - 2018-05-16 17:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-16 17:40 - 2018-05-16 17:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-16 17:40 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-15 20:54 - 2018-05-15 20:54 - 000004088 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-14 21:32 - 2018-05-14 21:32 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-08 10:36 - 2018-05-08 10:40 - 000000000 ____D C:\Users\Bender\Documents\DayZ
2018-05-08 10:36 - 2018-05-08 10:40 - 000000000 ____D C:\Users\Bender\AppData\Local\DayZ
2018-04-25 11:49 - 2018-04-25 11:49 - 000001447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-16 21:20 - 2018-04-11 11:19 - 000000000 ____D C:\FRST
2018-05-16 21:19 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-16 21:18 - 2018-01-24 10:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-16 21:18 - 2016-11-18 18:14 - 000000000 ____D C:\Users\Bender\AppData\LocalLow\Mozilla
2018-05-16 21:17 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-16 20:54 - 2017-06-28 20:45 - 000006794 _____ C:\Users\Bender\Documents\cc_20170628_204504.reg
2018-05-16 20:53 - 2017-07-17 11:27 - 000080634 _____ C:\Users\Bender\Documents\cc_20170717_112735.reg
2018-05-16 20:52 - 2018-01-23 16:53 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-16 20:52 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-16 20:52 - 2016-06-03 15:29 - 000000000 ____D C:\Users\Bender\AppData\Local\CrashDumps
2018-05-16 20:22 - 2018-01-24 10:33 - 003035036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-16 20:22 - 2017-09-30 16:30 - 001390294 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-16 20:22 - 2017-09-30 16:30 - 000347556 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-16 20:21 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-16 20:20 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-16 20:11 - 2018-04-12 18:55 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-16 20:07 - 2018-01-24 10:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-16 17:38 - 2018-01-24 10:23 - 000000000 ____D C:\Users\Bender
2018-05-16 17:38 - 2016-05-29 10:43 - 000000000 ____D C:\Users\Bender\AppData\Roaming\IObit
2018-05-16 17:37 - 2018-04-11 13:23 - 000000000 ____D C:\AdwCleaner
2018-05-16 17:27 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-05-15 21:00 - 2016-12-26 12:05 - 000000000 ____D C:\Users\Bender\AppData\Roaming\ObviousIdea
2018-05-15 20:55 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-15 20:55 - 2017-01-29 15:43 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-05-15 20:54 - 2018-01-24 10:30 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2018-01-24 10:30 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-15 20:54 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-15 19:33 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-15 19:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-14 21:45 - 2017-10-05 17:47 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-05-14 21:45 - 2017-10-05 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-14 21:45 - 2017-10-05 17:47 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-14 21:32 - 2018-01-24 10:30 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-14 21:32 - 2018-01-23 19:07 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-14 21:32 - 2018-01-23 19:07 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-14 21:32 - 2017-10-05 12:42 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-14 21:31 - 2018-01-24 10:30 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-05-14 21:31 - 2016-10-02 18:59 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-14 21:31 - 2016-05-29 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-10 22:28 - 2017-07-25 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2018-05-10 10:57 - 2016-05-29 10:44 - 000000000 ____D C:\ProgramData\ProductData
2018-05-10 09:24 - 2016-05-29 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 09:21 - 2017-10-11 19:01 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 09:21 - 2016-05-29 11:41 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-08 11:37 - 2018-03-14 10:43 - 000004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-08 11:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-08 11:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-08 10:06 - 2016-05-29 18:51 - 000000000 ____D C:\Users\Bender\Documents\The Witcher 3
2018-05-06 12:02 - 2016-05-29 19:34 - 000000000 ____D C:\Users\Bender\AppData\Local\NVIDIA Corporation
2018-05-03 20:54 - 2016-06-06 16:23 - 000000000 ____D C:\Users\Bender\Documents\My Games
2018-05-03 20:53 - 2016-06-01 12:00 - 000000000 ____D C:\ProgramData\kb
2018-04-29 22:19 - 2018-01-23 19:07 - 000340904 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2018-04-29 22:19 - 2017-07-25 15:11 - 000605160 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2018-04-25 11:50 - 2016-05-29 10:43 - 000000000 ____D C:\Program Files (x86)\IObit
2018-04-25 11:49 - 2016-06-03 16:39 - 000001435 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-04-25 11:49 - 2016-06-03 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-04-25 11:48 - 2016-05-29 10:43 - 000000000 ____D C:\ProgramData\IObit
2018-04-23 10:53 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2017-05-14 22:57 - 2017-05-14 22:57 - 000140800 _____ () C:\Users\Bender\AppData\Local\installer.dat
2017-09-30 19:42 - 2017-09-30 21:07 - 000007598 _____ () C:\Users\Bender\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 19:38

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Potenciální nebezpečí, prosím o pomoc

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S1 ntknsv; \SystemRoot\System32\drivers\ntknsv.sys [X]

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#9 Příspěvek od Hugo111 »

Několikrát proběhl pokus o aktualizaci win. Kterou se nepodařilo provést.

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#10 Příspěvek od Hugo111 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Bender (16-05-2018 22:27:19) Run:2
Running from C:\Users\Bender\Desktop
Loaded Profiles: Bender (Available Profiles: Bender)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S1 ntknsv; \SystemRoot\System32\drivers\ntknsv.sys [X]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
"HKLM\System\CurrentControlSet\Services\ntknsv" => removed successfully
ntknsv => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14841765 B
Java, Flash, Steam htmlcache => 78324668 B
Windows/system/drivers => 9293400 B
Edge => 10240 B
Chrome => 0 B
Firefox => 88611590 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 0 B
Bender => 6646385 B

RecycleBin => 0 B
EmptyTemp: => 194.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:27:37 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Potenciální nebezpečí, prosím o pomoc

#11 Příspěvek od Rudy »

Smazáno. Log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#12 Příspěvek od Hugo111 »

Děkuji mockrát ale ještě bych poprosil o pomoc s jednou věcí. V prohlížeči se mi nechtějí načítat stránky. Hlavně když chci něco otevřít tak musím kliknout víckrát a stanese že se neotevře vůbec. Jen abych se dostal do téhle diskuze sem musel kliknout asi dvacetkrát.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Potenciální nebezpečí, prosím o pomoc

#13 Příspěvek od Rudy »

Zkusíme prohlížeče vyčistit. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#14 Příspěvek od Hugo111 »

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Bender on źt 17. 05. 2018 at 16:19:15,85.
Microsoft Windows 10 Pro 10.0.16299 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Staženo\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 16:20:03,94 =====

--- Create Environment Variables 16:20:07,83
--- Create System Restore Point 16:21:26,00
--- Checking Input 16:22:00,90
--- Reset Hosts File 16:23:30,95
--- AU AppData Check 16:23:32,03
--- Remove From Windows Installer 16:23:41,99

Hugo111
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 16 kvě 2018 16:55

Re: Potenciální nebezpečí, prosím o pomoc

#15 Příspěvek od Hugo111 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by Bender (Administrator) on źt 17. 05. 2018 at 16:34:06,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Bender\AppData\Roaming\3909 (Folder)
Successfully deleted: C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\user.js (File)
Successfully deleted: C:\Users\Bender\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Bender) (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Bender (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job (Task)
Successfully deleted: C:\WINDOWS\wininit.ini (File)

Deleted the following from C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\prefs.js
user_pref(browser.search.searchengine.uid, ADATAXSP600_2F4920012103);
user_pref(extensions.foxcub.config.encodedConfig, {\core\:{\configUrl\:\hxxps://download.seznam.cz/software/conf/\,\updateUrl\:\hxxps://download.seznam.cz/software



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 17. 05. 2018 at 16:38:00,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zamčeno