Spontaneous notebook restarts


#1 Post by Ivošisko »

Please check the logs - the notebook is restarting spontaneously.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-01-2019
Ran by Ivo Brož (administrator) on BROZ-NB (03-02-2019 16:12:19)
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Atomic Alarm Clock\timeserv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Winstep Software Technologies) C:\Program Files\Winstep\WsxService.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Drive Software Company) C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Winstep Software Technologies) C:\Program Files\Winstep\Nexus.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(emc) C:\Users\Ivo Brož\AppData\Roaming\uTorrent\uninstall.exe
(BitTorrent, Inc.) C:\Users\Ivo Brož\AppData\Roaming\uTorrent\utorrent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2015-12-07] (Realtek Semiconductor)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-01] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2015-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-12] (AVAST Software)
HKLM\...\Run: [seznam-listicka-distribuce] => "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Alpha Clock] => C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe [69120 2003-10-23] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [3621376 2016-03-22] (Drive Software Company)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [NeXuS-Ultimate] => C:\Program Files\Winstep\Nexus.exe [14688896 2016-10-06] (Winstep Software Technologies)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {1fd2caed-200b-11e9-b1d7-002243c6c20d} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2006-11-02] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1075200 2012-04-09] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB Multi-Channel Audio Device – zástupce.lnk [2016-01-20]
ShortcutTarget: USB Multi-Channel Audio Device – zástupce.lnk -> (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{8F985A02-AFC7-4F31-9AEB-B906A326FEEF}: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{E4F7D5EC-A14C-4D43-80CC-AD22C07F8A51}: [DhcpNameServer] 10.111.0.1 10.114.1.1 91.221.212.198

Internet Explorer:
==================
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131230232319602000&GUID=8055860F-EFF5-4C63-9C53-171B90716F95
SearchScopes: HKU\S-1-5-21-698314851-3235763532-1396065412-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-11] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rxbgig8q.default
FF ProfilePath: C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default [2019-02-03]
FF Homepage: Mozilla\Firefox\Profiles\rxbgig8q.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\rxbgig8q.default -> is enabled.
FF Extension: (FaviconizeTab) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\faviconizetab@espion.just-size.jp.xpi [2016-11-17] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-15]
FF Extension: (Avast Passwords) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-11]
FF Extension: (WebToPDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\manish.p05@gmail.com.xpi [2017-08-12] [Legacy]
FF Extension: (Print Edit) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\printedit@DW-dev.xpi [2018-03-23] [Legacy]
FF Extension: (Save as PDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2017-11-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\translator@zoli.bod.xpi [2018-03-25] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\wrc@avast.com.xpi [2019-01-29]
FF Extension: (FxIF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2016-08-06] [Legacy]
FF Extension: (FireTray) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{9533f794-00b4-4354-aa15-c2bbda6989f8} [2016-08-06] [Legacy]
FF Extension: (No Name) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (Tab Mix Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-09-01] [Legacy]
FF Extension: (Web2PDF converter) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi [2016-08-06] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-12-07] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Windows\system32\npdeployJava1.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Prezentace) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-16]
CHR Extension: (Dokumenty) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16]
CHR Extension: (Disk Google) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-16]
CHR Extension: (YouTube) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-16]
CHR Extension: (Tabulky) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-16]
CHR Extension: (Gmail) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-12-12] (AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-12] (AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43344 2018-04-23] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931200 2016-02-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService.exe [774656 2016-06-07] (Winstep Software Technologies) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-12-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-12-12] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-12-12] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-12-12] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-12-12] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-12-12] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-12-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-12-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-12-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-12-12] (AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-12-12] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [30216 2014-03-04] (IObit)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114368 2015-10-08] (Power Software Ltd)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [191200 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [3105280 2012-10-04] (C-Media Electronics Inc)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 16:12 - 2019-02-03 16:13 - 000018987 _____ C:\Users\Ivo Brož\Desktop\FRST.txt
2019-02-03 16:10 - 2019-02-03 16:11 - 001788416 _____ (Farbar) C:\Users\Ivo Brož\Desktop\FRST.exe
2019-02-03 16:00 - 2019-02-03 16:00 - 000000863 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2019-02-03 07:50 - 2019-02-03 07:50 - 000149784 _____ C:\Windows\Minidump\Mini020319-01.dmp
2019-02-03 07:50 - 2019-02-03 07:50 - 000000000 ____D C:\Windows\Minidump
2019-02-03 07:49 - 2019-02-03 07:49 - 149304508 _____ C:\Windows\MEMORY.DMP
2019-01-31 16:49 - 2019-01-31 16:49 - 000825464 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.01.wav
2019-01-31 16:48 - 2019-01-31 16:49 - 000733304 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.02.wav
2019-01-31 16:48 - 2019-01-31 16:48 - 000733304 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.03.wav
2019-01-31 16:37 - 2019-01-31 16:37 - 000785664 _____ C:\Users\Ivo Brož\Desktop\Space.Ship.Fly.By.05.wav
2019-01-31 12:57 - 2019-01-31 12:57 - 000563842 _____ C:\Users\Ivo Brož\Desktop\Scanner.wav
2019-01-30 15:50 - 2019-01-30 15:50 - 000698556 _____ C:\Users\Ivo Brož\Desktop\Pruvodce_zivotem_abstinenci_0.pdf
2019-01-30 14:50 - 2019-01-30 14:54 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Doklady
2019-01-26 15:47 - 2019-01-26 15:47 - 000421805 _____ C:\Users\Ivo Brož\Desktop\Palačinky.htm
2019-01-26 15:47 - 2019-01-26 15:47 - 000383115 _____ C:\Users\Ivo Brož\Desktop\Americké lívance.htm
2019-01-26 15:25 - 2019-01-26 15:47 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Palačinky_soubory
2019-01-26 15:23 - 2019-01-26 15:47 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Americké lívance_soubory
2019-01-26 14:52 - 2019-01-26 14:52 - 000510384 _____ C:\Users\Ivo Brož\Desktop\Rychlá bábovka.htm
2019-01-26 14:49 - 2019-01-26 14:52 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Rychlá bábovka_soubory
2019-01-25 22:41 - 2019-01-25 22:41 - 000000811 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-25 16:46 - 2019-01-25 16:46 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Daum
2019-01-24 21:40 - 2019-01-24 21:44 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\vlc
2019-01-24 21:39 - 2019-01-24 21:39 - 000000866 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-24 21:39 - 2019-01-24 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-01-23 17:51 - 2019-01-24 21:38 - 000000000 ____D C:\Program Files\VideoLAN
2019-01-22 18:21 - 2019-01-22 18:21 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\360CloudEnterprise
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\Program Files\IObit
2019-01-21 20:27 - 2019-01-22 17:34 - 000262522 _____ C:\Windows\ntbtlog.txt
2019-01-21 10:23 - 2019-02-03 16:12 - 000000000 ____D C:\FRST
2019-01-20 20:18 - 2018-12-12 17:33 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 18:19 - 2019-01-16 18:19 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 18:19 - 2019-01-16 18:19 - 000001978 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 16:14 - 2015-12-09 17:18 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\uTorrent
2019-02-03 16:12 - 2016-11-05 09:02 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-03 16:08 - 2018-09-30 18:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Local\AVAST Software
2019-02-03 16:03 - 2016-11-05 09:02 - 000000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-03 16:00 - 2016-01-29 10:50 - 000000000 ____D C:\Program Files\PotPlayer
2019-02-03 15:48 - 2016-11-17 10:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\Mozilla
2019-02-03 15:45 - 2016-10-30 10:53 - 000000000 ____D C:\Users\Ivo Brož\.rainlendar2
2019-02-03 15:23 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-03 15:23 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-03 15:23 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-03 14:57 - 2008-04-17 13:36 - 000644548 _____ C:\Windows\system32\perfh005.dat
2019-02-03 14:57 - 2008-04-17 13:36 - 000137186 _____ C:\Windows\system32\perfc005.dat
2019-02-03 14:57 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-02-03 14:57 - 2006-11-02 11:33 - 001530430 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-03 14:12 - 2015-12-09 15:43 - 000000000 ____D C:\Program Files\Dropbox
2019-02-03 09:58 - 2018-12-16 19:59 - 000000000 ____D C:\Program Files\RQMONEY
2019-02-03 07:50 - 2015-12-03 10:46 - 000000000 ____D C:\Users\Ivo Brož
2019-01-31 15:15 - 2016-07-30 11:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Audacity
2019-01-25 22:41 - 2016-01-25 11:37 - 000000000 ____D C:\Program Files\CCleaner
2019-01-25 22:25 - 2016-01-29 10:55 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\PotPlayerMini
2019-01-24 20:05 - 2015-12-03 15:08 - 000003204 _____ C:\Windows\bthservsdp.dat
2019-01-24 20:05 - 2006-11-02 14:01 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-22 18:22 - 2018-03-25 07:42 - 000000000 ____D C:\Program Files\360
2019-01-22 18:16 - 2018-03-23 14:52 - 000000000 ____D C:\ProgramData\IObit
2019-01-22 09:58 - 2016-09-24 10:07 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-01-21 19:32 - 2016-02-13 21:46 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-01-21 19:07 - 2006-11-02 12:18 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-01-21 15:09 - 2016-12-11 12:10 - 000000000 ____D C:\AdwCleaner
2019-01-19 11:07 - 2017-11-21 07:16 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-16 18:19 - 2015-12-16 03:08 - 000000000 ____D C:\Program Files\Google
2019-01-14 13:37 - 2016-08-19 13:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Acrylic Wi-Fi Professional
2019-01-14 13:33 - 2016-07-25 12:50 - 000000218 _____ C:\Users\Ivo Brož\advanced_ip_scanner_MAC.bin
2019-01-09 08:24 - 2015-12-07 20:47 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:24 - 2015-12-07 20:47 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:24 - 2015-12-07 20:47 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2015-12-10 22:50 - 2018-04-07 20:41 - 000000132 _____ () C:\Users\Ivo Brož\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-12-10 19:20 - 2015-12-10 19:20 - 000023888 _____ () C:\Users\Ivo Brož\AppData\Roaming\UserTile.png
2017-08-30 15:17 - 2017-11-27 01:25 - 000001480 _____ () C:\Users\Ivo Brož\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-03 10:46 - 2016-12-11 16:08 - 000007916 _____ () C:\Users\Ivo Brož\AppData\Local\d3d9caps.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-03 15:29

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-01-2019
Ran by Ivo Brož (03-02-2019 16:14:35)
Running from C:\Users\Ivo Brož\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2015-12-03 17:38:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-698314851-3235763532-1396065412-500 - Administrator - Disabled)
Guest (S-1-5-21-698314851-3235763532-1396065412-501 - Limited - Enabled)
Ivo Brož (S-1-5-21-698314851-3235763532-1396065412-1000 - Administrator - Enabled) => C:\Users\Ivo Brož

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AC3Filter 2.0a (HKLM\...\AC3Filter_is1) (Version: 2.0a - Alexander Vigovsky)
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Acrylic Wi-Fi Professional v3.0 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{FBD2EDDA-2B1B-49A2-9147-99CBCC5F10E5}_is1) (Version: 3.0 - Tarlogic Security S.L.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1502, 20.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
Atomic Alarm Clock 6.20 (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Canon CanoScan Toolbox 5.0 (HKLM\...\CanoScan Toolbox 5.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Dropbox (HKLM\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
eCookBook 4.5.2 (HKLM\...\{AA09EB40-138D-4331-B39D-D79CBA6A994C}_is1) (Version: 4.5.2 - Eugen Lety)
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.230.0 - International GeoGebra Institute)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
IObit Unlocker (HKLM\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java DB 10.6.2.1 (HKLM\...\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}) (Version: 10.6.2.1 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
K-Lite Codec Pack 11.5.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LAV Filters 0.67 (HKLM\...\lavfilters_is1) (Version: 0.67 - Hendrik Leppkes)
MediaInfo 0.7.89 (HKLM\...\MediaInfo) (Version: 0.7.89 - MediaArea.net)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKVToolNix 9.9.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.9.0 - Moritz Bunkus)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
Nexus 16.9 (HKLM\...\Winstep Xtreme_is1) (Version: - )
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
Ovládací panel NVIDIA 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 310.90 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PotPlayer (HKLM\...\PotPlayer) (Version: 1.7.16291 - Kakao Corp.)
PowerISO (HKLM\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Recepty doma (HKLM\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Subtitle Edit 3.4.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.9.0 - Nikse)
SugarSync Manager (HKLM\...\SugarSync) (Version: 1.9.80.99361 - SugarSync, Inc.)
USB Multi-Channel Audio Device (HKLM\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0005 - C-Media Electronics, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCell Compiler 2.3.6 (HKLM\...\XCell Compiler) (Version: 2.3.6 - DoneEx)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006A8993-78AC-45C6-9CDB-8EEC94B7CAEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {1A98C338-38C7-4C81-9BC8-74DD98BEC0C1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {292902AB-606E-46EE-98FF-F59D7A329613} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {3574DA2E-9638-42B0-B302-E0FC44BD852B} - System32\Tasks\AdobeAAMUpdater-1.0-broz-nb-Ivo Brož => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {415851D0-1958-40B9-B343-5BBF36E7E21C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94} - System32\Tasks\WindosUpda2ta => C:\Users\IVOBRO~1\AppData\Local\Temp\dlll.vbs <==== ATTENTION
Task: {4C080FE2-4B8C-4A73-B327-F65FFC21AD39} - System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {67C1C463-2F04-46C1-85E6-C7DC7E7EF286} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {709F5BE2-8B43-4614-BCF3-A4438986850B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {795D4BC5-7A8B-4934-98ED-B16F84024809} - System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => C:\Windows\system32\pcalua.exe -a C:\Frd\frd.exe -d C:\Frd\
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {92751818-17C1-4488-817A-09FABD01B171} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {AC02B278-B04B-4103-A10F-E7101DF84781} - System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4\frd.exe" -d "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4"
Task: {AFE10FAC-B0EF-48BA-BE00-570D27EAED91} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {BE5A01FD-811C-4A69-8B94-406CF3E511C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-12] (AVAST Software)
Task: {DBF56899-01E2-43F2-80C6-88C327E243AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2016-03-22 13:33 - 2013-06-07 02:06 - 001147392 _____ () C:\Program Files\Atomic Alarm Clock\Clock.dll
2008-08-13 20:59 - 2008-08-13 20:59 - 000100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
2018-12-12 17:33 - 2018-12-12 17:33 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-03 12:25 - 2019-02-03 12:25 - 005772944 _____ () C:\Program Files\AVAST Software\Avast\defs\19020300\algo.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2016-01-31 09:53 - 2012-09-18 15:26 - 000169472 _____ () C:\Windows\System32\zlhp1020.dll
2016-01-31 09:54 - 2012-09-18 15:26 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-03-22 13:33 - 2013-04-24 18:20 - 002007040 _____ () C:\Program Files\Atomic Alarm Clock\timeserv.exe
2015-12-28 12:06 - 2003-10-23 04:17 - 000069120 _____ () C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
2016-02-20 07:59 - 2016-02-17 08:02 - 000020352 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 002739240 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2015-08-14 07:31 - 2015-08-14 07:31 - 000252928 _____ () C:\Program Files\Rainlendar2\libical.dll
2015-08-14 07:31 - 2015-08-14 07:31 - 000051200 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2014-05-04 11:48 - 2014-05-04 11:48 - 000197632 _____ () C:\Program Files\Rainlendar2\lua52.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 000068136 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2015-11-13 12:58 - 2015-11-13 12:58 - 000235560 _____ () C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2014-05-04 11:49 - 2014-05-04 11:49 - 000027648 _____ () C:\Program Files\Rainlendar2\lfs.dll
2017-11-12 16:23 - 2012-06-08 20:40 - 001086176 _____ () C:\Program Files\Winstep\wodTelnetDLX.dll
2017-11-21 07:15 - 2017-11-21 07:15 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-02-03 16:01 - 000000876 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Samsung\Samsung PC Studio 3\
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.150.237 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [{08DD6062-1E2E-451B-B20A-60F7C9FFDBA9}] => (Allow) LPort=80
FirewallRules: [{B273ED47-F80D-406A-8F16-347EC8EC5446}] => (Allow) LPort=80
FirewallRules: [{4FB3F07B-0DCA-4802-87AC-EDA5D601DFA3}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DD36DB1F-250E-41A5-A85B-EF47F7ACC859}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{DA72B481-3B69-48D1-9F28-0424C9153B59}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [TCP Query User{583183BD-09D8-4E27-8881-A8EA81ACAF36}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{2B79F693-9213-46F9-AE06-9FFCDA0323BD}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{DE774DC2-BD32-4AC5-8DEA-92A29216FF8C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{CE2F8922-23C5-476B-B1CD-98AFB31BC2F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{DEEC08F7-A0B9-43A2-BB48-092997BAD930}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{0E27ED6F-61DB-4900-9BAA-A27CCED0D5B9}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{62B1331D-7951-4A39-801E-53C7D203B7A8}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [{03CC05EC-281A-4BEB-88D0-B21E4B0754E6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1F1A5A56-AA1F-47B4-8733-3B57654860F6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1E0AA980-0B4B-46F1-BB8F-AE80D9CD5E40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{57622297-F076-4654-8D29-F77D549215D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{62F07C6D-43D9-4BB6-B3AE-3006F15FF0F0}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{64C4E2B3-6157-4F8D-9490-71ABD433DB24}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{08E96C80-D5CC-4816-AB74-2F79918D1346}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{FD23FA26-F72A-44A4-8CDA-A29EE1F0CCA0}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [TCP Query User{AEEEBF1B-B63B-419F-82DC-82FA54D36845}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{D7140E4C-C781-4BC7-B9E7-ED7D0F23DBDA}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [{02EFEA7A-004D-4AC5-A87B-428406B2271E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{79CA22F6-0B16-44C3-8777-D41D83E9A2EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{F6987523-D159-487E-801C-64C072D57CF4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{39789F12-1381-4CBC-8D61-FD0B6AEF7043}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{A2581BC8-DD79-423B-816E-303087E30B50}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{40C642FD-2269-405E-89A2-33792ADD9A68}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2019 04:05:10 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\FORTITUDE.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/03/2019 04:05:10 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\FORTITUDE.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/03/2019 03:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 08:23:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 07:54:04 AM) (Source: ESENT) (EventID: 481) (User: )
Description: Windows (2976) Windows: Pokus o čtení ze souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb s posunem 922167287808 (0x000000d6b5742000) o 8192 (0x00002000) bajtů se po 60 sekundách nezdařil. Došlo k systémové chybě 38 (0x00000026): Byl dosažen konec souboru. . Operace čtení se nezdaří a dojde k chybě -4001 (0xfffff05f). Pokud tyto potíže potrvají, je soubor pravděpodobně poškozen a bude nutné jej obnovit ze záložní kopie.

Error: (02/03/2019 07:51:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/25/2019 10:30:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.0.6002.18005 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 7f4
Čas zahájení: 01d4b417f26aab5f
Čas ukončení: 29

Error: (01/25/2019 08:06:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {ece65172-35d0-4e6f-a780-fb8c7fc9422e}


System errors:
=============
Error: (02/03/2019 03:27:18 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001

Error: (02/03/2019 03:24:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (02/03/2019 03:23:04 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: Event-ID 412

Error: (02/03/2019 03:22:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:18:48, 3.2.2019) bylo neočekávané.

Error: (02/03/2019 02:20:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (02/03/2019 02:20:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (02/03/2019 02:20:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (02/03/2019 02:20:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.


CodeIntegrity:
===================================

Date: 2017-11-26 20:16:33.748
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.551
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.353
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.123
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.732
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.536
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.103
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 3070.16 MB
Available physical RAM: 1093.57 MB
Total Virtual: 6355.36 MB
Available Virtual: 4519.65 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:298.09 GB) (Free:3.4 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (SSD) (Fixed) (Total:111.79 GB) (Free:5.64 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 92A1476C)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 03DA0763)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now (Prehladaj teraz) button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair (Vycistit Teraz) button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor for research into intelligent malware.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Ivošisko
Visitor
Posts: 393
Registered: 04 Oct 2006 11:26
Location: Ostrava/Jeseníky

Re: Spontaneous notebook restarts

#3 Post by Ivošisko »

Thank you for the help....


# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-03-2019
# Duration: 00:00:04
# OS: Windows Vista (TM) Business
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4258 octets] - [21/01/2019 15:09:58]
AdwCleaner[C00].txt - [3900 octets] - [21/01/2019 15:10:24]
AdwCleaner[S01].txt - [1660 octets] - [03/02/2019 16:49:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#4 Post by Diallix »

May I ask for a new log from FRST + ADDITION.

Ivošisko
Visitor
Posts: 393
Registered: 04 Oct 2006 11:26
Location: Ostrava/Jeseníky

Re: Spontaneous notebook restarts

#5 Post by Ivošisko »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-01-2019
Ran by Ivo Brož (administrator) on BROZ-NB (03-02-2019 17:29:36)
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Atomic Alarm Clock\timeserv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Winstep Software Technologies) C:\Program Files\Winstep\WsxService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
(Drive Software Company) C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Winstep Software Technologies) C:\Program Files\Winstep\Nexus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2015-12-07] (Realtek Semiconductor)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-01] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2015-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-12] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Alpha Clock] => C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe [69120 2003-10-23] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [3621376 2016-03-22] (Drive Software Company)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [NeXuS-Ultimate] => C:\Program Files\Winstep\Nexus.exe [14688896 2016-10-06] (Winstep Software Technologies)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {1fd2caed-200b-11e9-b1d7-002243c6c20d} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2006-11-02] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1075200 2012-04-09] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB Multi-Channel Audio Device – zástupce.lnk [2016-01-20]
ShortcutTarget: USB Multi-Channel Audio Device – zástupce.lnk -> (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{8F985A02-AFC7-4F31-9AEB-B906A326FEEF}: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{E4F7D5EC-A14C-4D43-80CC-AD22C07F8A51}: [DhcpNameServer] 10.111.0.1 10.114.1.1 91.221.212.198

Internet Explorer:
==================
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131230232319602000&GUID=8055860F-EFF5-4C63-9C53-171B90716F95
SearchScopes: HKU\S-1-5-21-698314851-3235763532-1396065412-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-11] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rxbgig8q.default
FF ProfilePath: C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default [2019-02-03]
FF Homepage: Mozilla\Firefox\Profiles\rxbgig8q.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\rxbgig8q.default -> is enabled.
FF Extension: (FaviconizeTab) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\faviconizetab@espion.just-size.jp.xpi [2016-11-17] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-15]
FF Extension: (Avast Passwords) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-11]
FF Extension: (WebToPDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\manish.p05@gmail.com.xpi [2017-08-12] [Legacy]
FF Extension: (Print Edit) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\printedit@DW-dev.xpi [2018-03-23] [Legacy]
FF Extension: (Save as PDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2017-11-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\translator@zoli.bod.xpi [2018-03-25] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\wrc@avast.com.xpi [2019-01-29]
FF Extension: (FxIF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2016-08-06] [Legacy]
FF Extension: (FireTray) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{9533f794-00b4-4354-aa15-c2bbda6989f8} [2016-08-06] [Legacy]
FF Extension: (No Name) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (Tab Mix Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-09-01] [Legacy]
FF Extension: (Web2PDF converter) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi [2016-08-06] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-12-07] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Windows\system32\npdeployJava1.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Prezentace) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-16]
CHR Extension: (Dokumenty) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16]
CHR Extension: (Disk Google) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-16]
CHR Extension: (YouTube) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-16]
CHR Extension: (Tabulky) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-16]
CHR Extension: (Gmail) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-12-12] (AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-12] (AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43344 2018-04-23] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931200 2016-02-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService.exe [774656 2016-06-07] (Winstep Software Technologies) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-12-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-12-12] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-12-12] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-12-12] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-12-12] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-12-12] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-12-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-12-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-12-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-12-12] (AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-12-12] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [30216 2014-03-04] (IObit)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114368 2015-10-08] (Power Software Ltd)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [191200 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [3105280 2012-10-04] (C-Media Electronics Inc)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 16:45 - 2019-02-03 16:46 - 007316688 _____ (Malwarebytes) C:\Users\Ivo Brož\Desktop\adwcleaner_7.2.7.0.exe
2019-02-03 16:14 - 2019-02-03 16:15 - 000040949 _____ C:\Users\Ivo Brož\Desktop\Addition.txt
2019-02-03 16:12 - 2019-02-03 17:30 - 000018795 _____ C:\Users\Ivo Brož\Desktop\FRST.txt
2019-02-03 16:10 - 2019-02-03 16:11 - 001788416 _____ (Farbar) C:\Users\Ivo Brož\Desktop\FRST.exe
2019-02-03 16:00 - 2019-02-03 16:00 - 000000863 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2019-02-03 07:50 - 2019-02-03 07:50 - 000149784 _____ C:\Windows\Minidump\Mini020319-01.dmp
2019-02-03 07:50 - 2019-02-03 07:50 - 000000000 ____D C:\Windows\Minidump
2019-02-03 07:49 - 2019-02-03 07:49 - 149304508 _____ C:\Windows\MEMORY.DMP
2019-01-31 16:49 - 2019-01-31 16:49 - 000825464 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.01.wav
2019-01-31 16:48 - 2019-01-31 16:49 - 000733304 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.02.wav
2019-01-31 16:48 - 2019-01-31 16:48 - 000733304 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.03.wav
2019-01-31 16:37 - 2019-01-31 16:37 - 000785664 _____ C:\Users\Ivo Brož\Desktop\Space.Ship.Fly.By.05.wav
2019-01-31 12:57 - 2019-01-31 12:57 - 000563842 _____ C:\Users\Ivo Brož\Desktop\Scanner.wav
2019-01-30 15:50 - 2019-01-30 15:50 - 000698556 _____ C:\Users\Ivo Brož\Desktop\Pruvodce_zivotem_abstinenci_0.pdf
2019-01-30 14:50 - 2019-01-30 14:54 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Doklady
2019-01-26 15:47 - 2019-01-26 15:47 - 000421805 _____ C:\Users\Ivo Brož\Desktop\Palačinky.htm
2019-01-26 15:47 - 2019-01-26 15:47 - 000383115 _____ C:\Users\Ivo Brož\Desktop\Americké lívance.htm
2019-01-26 15:25 - 2019-01-26 15:47 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Palačinky_soubory
2019-01-26 15:23 - 2019-01-26 15:47 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Americké lívance_soubory
2019-01-26 14:52 - 2019-01-26 14:52 - 000510384 _____ C:\Users\Ivo Brož\Desktop\Rychlá bábovka.htm
2019-01-26 14:49 - 2019-01-26 14:52 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Rychlá bábovka_soubory
2019-01-25 22:41 - 2019-01-25 22:41 - 000000811 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-25 16:46 - 2019-01-25 16:46 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Daum
2019-01-24 21:40 - 2019-01-24 21:44 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\vlc
2019-01-24 21:39 - 2019-01-24 21:39 - 000000866 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-24 21:39 - 2019-01-24 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-01-23 17:51 - 2019-01-24 21:38 - 000000000 ____D C:\Program Files\VideoLAN
2019-01-22 18:21 - 2019-01-22 18:21 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\360CloudEnterprise
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\Program Files\IObit
2019-01-21 20:27 - 2019-01-22 17:34 - 000262522 _____ C:\Windows\ntbtlog.txt
2019-01-21 10:23 - 2019-02-03 17:29 - 000000000 ____D C:\FRST
2019-01-20 20:18 - 2018-12-12 17:33 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 18:19 - 2019-01-16 18:19 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 18:19 - 2019-01-16 18:19 - 000001978 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 17:28 - 2018-09-30 18:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Local\AVAST Software
2019-02-03 17:12 - 2016-11-05 09:02 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-03 17:08 - 2016-11-17 10:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\Mozilla
2019-02-03 17:07 - 2008-04-17 13:36 - 000644548 _____ C:\Windows\system32\perfh005.dat
2019-02-03 17:07 - 2008-04-17 13:36 - 000137186 _____ C:\Windows\system32\perfc005.dat
2019-02-03 17:07 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-02-03 17:07 - 2006-11-02 11:33 - 001530430 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-03 17:03 - 2016-10-30 10:53 - 000000000 ____D C:\Users\Ivo Brož\.rainlendar2
2019-02-03 17:01 - 2016-11-05 09:02 - 000000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-03 17:00 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-03 17:00 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-03 17:00 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-03 16:59 - 2015-12-03 15:08 - 000005332 _____ C:\Windows\bthservsdp.dat
2019-02-03 16:59 - 2006-11-02 14:01 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-03 16:47 - 2015-12-09 17:18 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\uTorrent
2019-02-03 16:00 - 2016-01-29 10:50 - 000000000 ____D C:\Program Files\PotPlayer
2019-02-03 14:12 - 2015-12-09 15:43 - 000000000 ____D C:\Program Files\Dropbox
2019-02-03 09:58 - 2018-12-16 19:59 - 000000000 ____D C:\Program Files\RQMONEY
2019-02-03 07:50 - 2015-12-03 10:46 - 000000000 ____D C:\Users\Ivo Brož
2019-01-31 15:15 - 2016-07-30 11:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Audacity
2019-01-25 22:41 - 2016-01-25 11:37 - 000000000 ____D C:\Program Files\CCleaner
2019-01-25 22:25 - 2016-01-29 10:55 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\PotPlayerMini
2019-01-22 18:22 - 2018-03-25 07:42 - 000000000 ____D C:\Program Files\360
2019-01-22 18:16 - 2018-03-23 14:52 - 000000000 ____D C:\ProgramData\IObit
2019-01-22 09:58 - 2016-09-24 10:07 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-01-21 19:32 - 2016-02-13 21:46 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-01-21 19:07 - 2006-11-02 12:18 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-01-21 15:09 - 2016-12-11 12:10 - 000000000 ____D C:\AdwCleaner
2019-01-19 11:07 - 2017-11-21 07:16 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-16 18:19 - 2015-12-16 03:08 - 000000000 ____D C:\Program Files\Google
2019-01-14 13:37 - 2016-08-19 13:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Acrylic Wi-Fi Professional
2019-01-14 13:33 - 2016-07-25 12:50 - 000000218 _____ C:\Users\Ivo Brož\advanced_ip_scanner_MAC.bin
2019-01-09 08:24 - 2015-12-07 20:47 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:24 - 2015-12-07 20:47 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:24 - 2015-12-07 20:47 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2015-12-10 22:50 - 2018-04-07 20:41 - 000000132 _____ () C:\Users\Ivo Brož\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-12-10 19:20 - 2015-12-10 19:20 - 000023888 _____ () C:\Users\Ivo Brož\AppData\Roaming\UserTile.png
2017-08-30 15:17 - 2017-11-27 01:25 - 000001480 _____ () C:\Users\Ivo Brož\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-03 10:46 - 2016-12-11 16:08 - 000007916 _____ () C:\Users\Ivo Brož\AppData\Local\d3d9caps.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-03 17:07

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-01-2019
Ran by Ivo Brož (03-02-2019 17:30:57)
Running from C:\Users\Ivo Brož\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2015-12-03 17:38:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-698314851-3235763532-1396065412-500 - Administrator - Disabled)
Guest (S-1-5-21-698314851-3235763532-1396065412-501 - Limited - Enabled)
Ivo Brož (S-1-5-21-698314851-3235763532-1396065412-1000 - Administrator - Enabled) => C:\Users\Ivo Brož

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AC3Filter 2.0a (HKLM\...\AC3Filter_is1) (Version: 2.0a - Alexander Vigovsky)
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Acrylic Wi-Fi Professional v3.0 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{FBD2EDDA-2B1B-49A2-9147-99CBCC5F10E5}_is1) (Version: 3.0 - Tarlogic Security S.L.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1502, 20.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
Atomic Alarm Clock 6.20 (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Canon CanoScan Toolbox 5.0 (HKLM\...\CanoScan Toolbox 5.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Dropbox (HKLM\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
eCookBook 4.5.2 (HKLM\...\{AA09EB40-138D-4331-B39D-D79CBA6A994C}_is1) (Version: 4.5.2 - Eugen Lety)
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.230.0 - International GeoGebra Institute)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
IObit Unlocker (HKLM\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java DB 10.6.2.1 (HKLM\...\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}) (Version: 10.6.2.1 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
K-Lite Codec Pack 11.5.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LAV Filters 0.67 (HKLM\...\lavfilters_is1) (Version: 0.67 - Hendrik Leppkes)
MediaInfo 0.7.89 (HKLM\...\MediaInfo) (Version: 0.7.89 - MediaArea.net)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKVToolNix 9.9.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.9.0 - Moritz Bunkus)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
Nexus 16.9 (HKLM\...\Winstep Xtreme_is1) (Version: - )
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
Ovládací panel NVIDIA 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 310.90 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PotPlayer (HKLM\...\PotPlayer) (Version: 1.7.16291 - Kakao Corp.)
PowerISO (HKLM\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Recepty doma (HKLM\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Subtitle Edit 3.4.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.9.0 - Nikse)
SugarSync Manager (HKLM\...\SugarSync) (Version: 1.9.80.99361 - SugarSync, Inc.)
USB Multi-Channel Audio Device (HKLM\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0005 - C-Media Electronics, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCell Compiler 2.3.6 (HKLM\...\XCell Compiler) (Version: 2.3.6 - DoneEx)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006A8993-78AC-45C6-9CDB-8EEC94B7CAEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {1A98C338-38C7-4C81-9BC8-74DD98BEC0C1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {292902AB-606E-46EE-98FF-F59D7A329613} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {3574DA2E-9638-42B0-B302-E0FC44BD852B} - System32\Tasks\AdobeAAMUpdater-1.0-broz-nb-Ivo Brož => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {415851D0-1958-40B9-B343-5BBF36E7E21C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94} - System32\Tasks\WindosUpda2ta => C:\Users\IVOBRO~1\AppData\Local\Temp\dlll.vbs <==== ATTENTION
Task: {4C080FE2-4B8C-4A73-B327-F65FFC21AD39} - System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {67C1C463-2F04-46C1-85E6-C7DC7E7EF286} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {709F5BE2-8B43-4614-BCF3-A4438986850B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {795D4BC5-7A8B-4934-98ED-B16F84024809} - System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => C:\Windows\system32\pcalua.exe -a C:\Frd\frd.exe -d C:\Frd\
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {92751818-17C1-4488-817A-09FABD01B171} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {AC02B278-B04B-4103-A10F-E7101DF84781} - System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4\frd.exe" -d "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4"
Task: {AFE10FAC-B0EF-48BA-BE00-570D27EAED91} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {BE5A01FD-811C-4A69-8B94-406CF3E511C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-12] (AVAST Software)
Task: {DBF56899-01E2-43F2-80C6-88C327E243AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2016-03-22 13:33 - 2013-06-07 02:06 - 001147392 _____ () C:\Program Files\Atomic Alarm Clock\Clock.dll
2008-08-13 20:59 - 2008-08-13 20:59 - 000100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
2018-12-12 17:33 - 2018-12-12 17:33 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-02-03 17:04 - 2019-02-03 17:04 - 005772944 _____ () C:\Program Files\AVAST Software\Avast\defs\19020302\algo.dll
2016-01-31 09:53 - 2012-09-18 15:26 - 000169472 _____ () C:\Windows\System32\zlhp1020.dll
2016-01-31 09:54 - 2012-09-18 15:26 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-03-22 13:33 - 2013-04-24 18:20 - 002007040 _____ () C:\Program Files\Atomic Alarm Clock\timeserv.exe
2016-02-20 07:59 - 2016-02-17 08:02 - 000020352 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2015-12-28 12:06 - 2003-10-23 04:17 - 000069120 _____ () C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
2015-11-13 12:57 - 2015-11-13 12:57 - 002739240 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2015-08-14 07:31 - 2015-08-14 07:31 - 000252928 _____ () C:\Program Files\Rainlendar2\libical.dll
2015-08-14 07:31 - 2015-08-14 07:31 - 000051200 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2014-05-04 11:48 - 2014-05-04 11:48 - 000197632 _____ () C:\Program Files\Rainlendar2\lua52.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 000068136 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2015-11-13 12:58 - 2015-11-13 12:58 - 000235560 _____ () C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2014-05-04 11:49 - 2014-05-04 11:49 - 000027648 _____ () C:\Program Files\Rainlendar2\lfs.dll
2017-11-12 16:23 - 2012-06-08 20:40 - 001086176 _____ () C:\Program Files\Winstep\wodTelnetDLX.dll
2017-11-21 07:15 - 2017-11-21 07:15 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-02-03 17:03 - 000000876 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Samsung\Samsung PC Studio 3\
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.150.237 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [{08DD6062-1E2E-451B-B20A-60F7C9FFDBA9}] => (Allow) LPort=80
FirewallRules: [{B273ED47-F80D-406A-8F16-347EC8EC5446}] => (Allow) LPort=80
FirewallRules: [{4FB3F07B-0DCA-4802-87AC-EDA5D601DFA3}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DD36DB1F-250E-41A5-A85B-EF47F7ACC859}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{DA72B481-3B69-48D1-9F28-0424C9153B59}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [TCP Query User{583183BD-09D8-4E27-8881-A8EA81ACAF36}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{2B79F693-9213-46F9-AE06-9FFCDA0323BD}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{DE774DC2-BD32-4AC5-8DEA-92A29216FF8C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{CE2F8922-23C5-476B-B1CD-98AFB31BC2F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{DEEC08F7-A0B9-43A2-BB48-092997BAD930}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{0E27ED6F-61DB-4900-9BAA-A27CCED0D5B9}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{62B1331D-7951-4A39-801E-53C7D203B7A8}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [{03CC05EC-281A-4BEB-88D0-B21E4B0754E6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1F1A5A56-AA1F-47B4-8733-3B57654860F6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1E0AA980-0B4B-46F1-BB8F-AE80D9CD5E40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{57622297-F076-4654-8D29-F77D549215D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{62F07C6D-43D9-4BB6-B3AE-3006F15FF0F0}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{64C4E2B3-6157-4F8D-9490-71ABD433DB24}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{08E96C80-D5CC-4816-AB74-2F79918D1346}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{FD23FA26-F72A-44A4-8CDA-A29EE1F0CCA0}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [TCP Query User{AEEEBF1B-B63B-419F-82DC-82FA54D36845}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{D7140E4C-C781-4BC7-B9E7-ED7D0F23DBDA}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [{02EFEA7A-004D-4AC5-A87B-428406B2271E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{79CA22F6-0B16-44C3-8777-D41D83E9A2EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{F6987523-D159-487E-801C-64C072D57CF4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{39789F12-1381-4CBC-8D61-FD0B6AEF7043}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{A2581BC8-DD79-423B-816E-303087E30B50}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{40C642FD-2269-405E-89A2-33792ADD9A68}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2019 05:01:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 04:05:10 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\FORTITUDE.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/03/2019 04:05:10 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\FORTITUDE.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/03/2019 03:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 08:23:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 07:54:04 AM) (Source: ESENT) (EventID: 481) (User: )
Description: Windows (2976) Windows: Pokus o čtení ze souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb s posunem 922167287808 (0x000000d6b5742000) o 8192 (0x00002000) bajtů se po 60 sekundách nezdařil. Došlo k systémové chybě 38 (0x00000026): Byl dosažen konec souboru. . Operace čtení se nezdaří a dojde k chybě -4001 (0xfffff05f). Pokud tyto potíže potrvají, je soubor pravděpodobně poškozen a bude nutné jej obnovit ze záložní kopie.

Error: (02/03/2019 07:51:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/25/2019 10:30:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.0.6002.18005 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 7f4
Čas zahájení: 01d4b417f26aab5f
Čas ukončení: 29


System errors:
=============
Error: (02/03/2019 05:07:04 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001

Error: (02/03/2019 05:01:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (02/03/2019 05:00:57 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: Event-ID 412

Error: (02/03/2019 04:59:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Licencování softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (02/03/2019 04:59:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 04:59:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Winstep Xtreme Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 04:59:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/03/2019 04:59:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2017-11-26 20:16:33.748
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.551
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.353
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.123
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.732
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.536
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.103
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3070.16 MB
Available physical RAM: 1389.09 MB
Total Virtual: 6365.34 MB
Available Virtual: 4777.25 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:298.09 GB) (Free:3.06 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (SSD) (Fixed) (Total:111.79 GB) (Free:5.64 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 92A1476C)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 03DA0763)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#6 Post by Diallix »

Copy the content below into Notepad:

CloseProcesses:


EmptyTemp:
C:\Program Files\IObit
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {1fd2caed-200b-11e9-b1d7-002243c6c20d} - D:\HiSuiteDownLoader.exe
FF Extension: (No Name) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [30216 2014-03-04] (IObit)
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\Program Files\IObit
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
2019-01-21 19:07 - 2006-11-02 12:18 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Program Files\Common Files\IObit
Task: {4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94} - System32\Tasks\WindosUpda2ta => C:\Users\IVOBRO~1\AppData\Local\Temp\dlll.vbs <==== ATTENTION
Task: {4C080FE2-4B8C-4A73-B327-F65FFC21AD39} - System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {795D4BC5-7A8B-4934-98ED-B16F84024809} - System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => C:\Windows\system32\pcalua.exe -a C:\Frd\frd.exe -d C:\Frd\
Task: {AC02B278-B04B-4103-A10F-E7101DF84781} - System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4\frd.exe" -d "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4"
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic

Save the Notepad file under the name fixlist.txt in the location where FRST is, choosing UTF-8 as the encoding (copy into Notepad -> File -> Save As -> Encoding: choose UTF-8 -> Save).
Run FRST and click the button: Fix
An operation will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent-malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Ivošisko
Visitor
Posts: 393
Joined: 04 Oct 2006 11:26
Location: Ostrava/Jeseníky

Re: Spontaneous notebook restarts

#7 Post by Ivošisko »

Fix result of Farbar Recovery Scan Tool (x86) Version: 4-02-2019
Ran by Ivo Brož (04-02-2019 20:07:30) Run:4
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:


EmptyTemp:
C:\Program Files\IObit
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {1fd2caed-200b-11e9-b1d7-002243c6c20d} - D:\HiSuiteDownLoader.exe
FF Extension: (No Name) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [30216 2014-03-04] (IObit)
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\Program Files\IObit
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
2019-01-21 19:07 - 2006-11-02 12:18 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Program Files\Common Files\IObit
Task: {4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94} - System32\Tasks\WindosUpda2ta => C:\Users\IVOBRO~1\AppData\Local\Temp\dlll.vbs <==== ATTENTION
Task: {4C080FE2-4B8C-4A73-B327-F65FFC21AD39} - System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {795D4BC5-7A8B-4934-98ED-B16F84024809} - System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => C:\Windows\system32\pcalua.exe -a C:\Frd\frd.exe -d C:\Frd\
Task: {AC02B278-B04B-4103-A10F-E7101DF84781} - System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4\frd.exe" -d "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4"
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
*****************

Processes closed successfully.
C:\Program Files\IObit => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1fd2caed-200b-11e9-b1d7-002243c6c20d} => removed successfully.
HKLM\Software\Classes\CLSID\{1fd2caed-200b-11e9-b1d7-002243c6c20d} => not found
C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
HKLM\System\CurrentControlSet\Services\IObitUnlocker => removed successfully.
IObitUnlocker => service removed successfully.
"C:\Program Files\IObit" => not found
HKLM\System\CurrentControlSet\Services\dbx => removed successfully.
dbx => service removed successfully.
HKLM\System\CurrentControlSet\Services\IpInIp => removed successfully.
IpInIp => service removed successfully.
HKLM\System\CurrentControlSet\Services\NwlnkFlt => removed successfully.
NwlnkFlt => service removed successfully.
HKLM\System\CurrentControlSet\Services\NwlnkFwd => removed successfully.
NwlnkFwd => service removed successfully.
C:\Windows\system32\GroupPolicy => moved successfully
C:\Users\Ivo Brož\AppData\Roaming\IObit => moved successfully
C:\Users\Ivo Brož\AppData\LocalLow\IObit => moved successfully
C:\Program Files\Common Files\IObit => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94}" => removed successfully.
C:\Windows\System32\Tasks\WindosUpda2ta => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindosUpda2ta" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C080FE2-4B8C-4A73-B327-F65FFC21AD39}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C080FE2-4B8C-4A73-B327-F65FFC21AD39}" => removed successfully.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Ivo_Brož" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{795D4BC5-7A8B-4934-98ED-B16F84024809}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{795D4BC5-7A8B-4934-98ED-B16F84024809}" => removed successfully.
C:\Windows\System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D7CCBCF0-1302-44F0-B603-F769D2211119}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC02B278-B04B-4103-A10F-E7101DF84781}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC02B278-B04B-4103-A10F-E7101DF84781}" => removed successfully.
C:\Windows\System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AE6CA972-194E-4679-851A-1F860BB1B7C0}" => removed successfully.
C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk => moved successfully
C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20050788 B
Java, Flash, Steam htmlcache => 1359 B
Windows/system/drivers => 682813 B
Edge => 0 B
Chrome => 0 B
Firefox => 43603050 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
LocalService => 0 B
NetworkService => 0 B
Ivo Brož => 64139967 B

RecycleBin => 259814 B
EmptyTemp: => 130.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:09:03 ====
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#8 Post by Diallix »

How is the computer doing?

Ivošisko
Visitor
Posts: 393
Joined: 04 Oct 2006 11:26
Location: Ostrava/Jeseníky

Re: Spontaneous notebook restarts

#9 Post by Ivošisko »

So far it looks normal, but based on earlier experience I would like to test it some more :)
Thanks, Ivo.

Ivošisko
Visitor
Posts: 393
Joined: 04 Oct 2006 11:26
Location: Ostrava/Jeseníky

Re: Spontaneous notebook restarts

#10 Post by Ivošisko »

Unfortunately, after waking up there was a blue screen of death, etc.


Added a few hours later:

New finding: after the cleanup, the notebook "went to sleep" after an hour of inactivity (this was not set before the cleanup), and every wake-up was followed by a "blue screen of death".
Last edited by Ivošisko on 05 Feb 2019 08:23, edited 1 time in total.
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#11 Post by Diallix »

Do OPTION ONE in the following guide:
https://www.tenforums.com/tutorials/690 ... -10-a.html

Ivošisko
Visitor
Posts: 393
Joined: 04 Oct 2006 11:26
Location: Ostrava/Jeseníky

Re: Spontaneous notebook restarts

#12 Post by Ivošisko »

The problem is that I don't know whether the checkbox should be ticked or not. Right now it is ticked.
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#13 Post by Diallix »

Untick it so that the check mark is not there.


Re: Spontaneous restarts of the notebook

#14 Post by Ivošisko »

Something is not right, the notebook responds slowly (between a key press and the action being carried out there are sometimes delays of up to several seconds). I simply have the feeling that some frog is sitting on the spring and choking the flow... So I have taken the liberty of attaching the FRST logs once more.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 4-02-2019
Ran by Ivo Brož (administrator) on BROZ-NB (05-02-2019 18:33:46)
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files\Atomic Alarm Clock\timeserv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Winstep Software Technologies) C:\Program Files\Winstep\WsxService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
(Drive Software Company) C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Winstep Software Technologies) C:\Program Files\Winstep\Nexus.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2015-12-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-01] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2015-12-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] (Shenzhen Wondershare Information Technology Co., Ltd. -> )
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Alpha Clock] => C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe [69120 2003-10-23] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [3621376 2016-03-22] (Drive Software Company)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] (Rainy -> )
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [NeXuS-Ultimate] => C:\Program Files\Winstep\Nexus.exe [14688896 2016-10-06] (Winstep Software Technologies)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {1fd2caed-200b-11e9-b1d7-002243c6c20d} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2006-11-02] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1075200 2012-04-09] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-16] (Google Inc -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB Multi-Channel Audio Device – zástupce.lnk [2016-01-20]
ShortcutTarget: USB Multi-Channel Audio Device – zástupce.lnk -> (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{8F985A02-AFC7-4F31-9AEB-B906A326FEEF}: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{E4F7D5EC-A14C-4D43-80CC-AD22C07F8A51}: [DhcpNameServer] 10.111.0.1 10.114.1.1 91.221.212.198

Internet Explorer:
==================
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131230232319602000&GUID=8055860F-EFF5-4C63-9C53-171B90716F95
SearchScopes: HKU\S-1-5-21-698314851-3235763532-1396065412-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-11] (Oracle America, Inc. -> Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rxbgig8q.default
FF ProfilePath: C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default [2019-02-05]
FF Homepage: Mozilla\Firefox\Profiles\rxbgig8q.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\rxbgig8q.default -> is enabled.
FF Extension: (FaviconizeTab) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\faviconizetab@espion.just-size.jp.xpi [2016-11-17] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-15]
FF Extension: (Avast Passwords) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-11]
FF Extension: (WebToPDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\manish.p05@gmail.com.xpi [2017-08-12] [Legacy]
FF Extension: (Print Edit) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\printedit@DW-dev.xpi [2018-03-23] [Legacy]
FF Extension: (Save as PDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2017-11-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\translator@zoli.bod.xpi [2018-03-25] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\wrc@avast.com.xpi [2019-01-29]
FF Extension: (FxIF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2016-08-06] [Legacy]
FF Extension: (FireTray) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{9533f794-00b4-4354-aa15-c2bbda6989f8} [2016-08-06] [Legacy]
FF Extension: (Tab Mix Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-09-01] [Legacy]
FF Extension: (Web2PDF converter) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi [2016-08-06] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-12-07] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Windows\system32\npdeployJava1.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Prezentace) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-16]
CHR Extension: (Dokumenty) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16]
CHR Extension: (Disk Google) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-16]
CHR Extension: (YouTube) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-16]
CHR Extension: (Tabulky) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-16]
CHR Extension: (Gmail) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] (ASUSTeK Computer Inc. -> )
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43344 2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931200 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService.exe [774656 2016-06-07] (Winstep Software Technologies) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [422968 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpahci; C:\Windows\system32\drivers\adpahci.sys [300600 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpu320; C:\Windows\system32\drivers\adpu320.sys [149560 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 aic78xx; C:\Windows\system32\drivers\djsvs.sys [71272 2006-11-02] (Microsoft Windows -> Adaptec, Inc.)
S4 aliide; C:\Windows\system32\drivers\aliide.sys [17464 2008-01-21] (Microsoft Windows -> Acer Laboratories Inc.)
S4 arc; C:\Windows\system32\drivers\arc.sys [79416 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 arcsas; C:\Windows\system32\drivers\arcsas.sys [79928 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1183744 2009-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BrFiltLo; C:\Windows\system32\drivers\brfiltlo.sys [13568 2006-11-02] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\brfiltup.sys [5248 2006-11-02] (Microsoft Windows -> Brother Industries, Ltd.)
S4 Brserid; C:\Windows\system32\drivers\brserid.sys [71808 2006-11-02] (Microsoft Windows -> Brother Industries Ltd.)
S4 BrSerWdm; C:\Windows\system32\drivers\brserwdm.sys [62336 2006-11-02] (Microsoft Windows -> Brother Industries Ltd.)
S4 BrUsbMdm; C:\Windows\system32\drivers\brusbmdm.sys [12160 2006-11-02] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\system32\drivers\brusbser.sys [11904 2006-11-02] (Microsoft Windows -> Brother Industries Ltd.)
S4 cmdide; C:\Windows\system32\drivers\cmdide.sys [19000 2008-01-21] (Microsoft Windows -> CMD Technology, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [99296 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 E1G60; C:\Windows\System32\DRIVERS\E1G60I32.sys [118784 2008-01-21] (Microsoft Windows -> Intel Corporation)
S4 elxstor; C:\Windows\system32\drivers\elxstor.sys [342584 2008-01-21] (Microsoft Windows -> Emulex)
S4 HpCISSs; C:\Windows\system32\drivers\hpcisss.sys [40504 2008-01-21] (Microsoft Windows -> Hewlett-Packard Company)
S4 iaStorV; C:\Windows\system32\drivers\iastorv.sys [235064 2008-01-21] (Microsoft Windows -> Intel Corporation)
S4 iirsp; C:\Windows\system32\drivers\iirsp.sys [41576 2006-11-02] (Microsoft Windows -> Intel Corp./ICP vortex GmbH)
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [96312 2008-01-21] (Microsoft Windows -> LSI Logic)
S4 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [89656 2008-01-21] (Microsoft Windows -> LSI Logic)
S4 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [96312 2008-01-21] (Microsoft Windows -> LSI Logic)
S4 megasas; C:\Windows\system32\drivers\megasas.sys [31288 2008-01-21] (Microsoft Windows -> LSI Corporation)
S4 MegaSR; C:\Windows\system32\drivers\megasr.sys [386616 2008-01-21] (Microsoft Windows -> LSI Corporation, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (Microsoft Windows Hardware Compatibility Publisher -> ATK0100)
S4 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [45160 2006-11-02] (Microsoft Windows -> IBM Corporation)
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
S4 nvraid; C:\Windows\system32\drivers\nvraid.sys [102968 2008-01-21] (Microsoft Windows -> NVIDIA Corporation)
S4 nvstor; C:\Windows\system32\drivers\nvstor.sys [45112 2008-01-21] (Microsoft Windows -> NVIDIA Corporation)
S4 ql2300; C:\Windows\system32\drivers\ql2300.sys [1122360 2008-01-21] (Microsoft Windows -> QLogic Corporation)
S4 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [106088 2006-11-02] (Microsoft Windows -> QLogic Corporation)
R2 rimmptsk; C:\Windows\System32\DRIVERS\rimmptsk.sys [48640 2008-09-10] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimsptsk; C:\Windows\System32\DRIVERS\rimsptsk.sys [43008 2008-04-21] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rismxdp; C:\Windows\System32\DRIVERS\rixdptsk.sys [38400 2007-07-30] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114368 2015-10-08] (Power Software Limited -> Power Software Ltd)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2006-11-02] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S4 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [74808 2008-01-21] (Microsoft Windows -> Silicon Integrated Systems)
S3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1010560 2006-11-02] (Microsoft Windows -> Motorola Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [191200 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [191200 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S4 Symc8xx; C:\Windows\system32\drivers\symc8xx.sys [35944 2006-11-02] (Microsoft Windows -> LSI Logic)
S4 Sym_hi; C:\Windows\system32\drivers\sym_hi.sys [31848 2006-11-02] (Microsoft Windows -> LSI Logic)
S4 Sym_u3; C:\Windows\system32\drivers\sym_u3.sys [34920 2006-11-02] (Microsoft Windows -> LSI Logic)
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [3105280 2012-10-04] (C-MEDIA ELECTRONICS INC. -> C-Media Electronics Inc)
S4 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [130616 2008-01-21] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
S3 yukonwlh; C:\Windows\System32\DRIVERS\yk60x86.sys [194048 2006-11-02] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-05 18:33 - 2019-02-05 18:34 - 000024887 _____ C:\Users\Ivo Brož\Desktop\FRST.txt
2019-02-03 16:45 - 2019-02-03 16:46 - 007316688 _____ (Malwarebytes) C:\Users\Ivo Brož\Desktop\adwcleaner_7.2.7.0.exe
2019-02-03 16:10 - 2019-02-04 20:07 - 001790976 _____ (Farbar) C:\Users\Ivo Brož\Desktop\FRST.exe
2019-02-03 16:00 - 2019-02-03 16:00 - 000000863 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2019-02-03 07:50 - 2019-02-03 07:50 - 000149784 _____ C:\Windows\Minidump\Mini020319-01.dmp
2019-02-03 07:50 - 2019-02-03 07:50 - 000000000 ____D C:\Windows\Minidump
2019-02-03 07:49 - 2019-02-03 07:49 - 149304508 _____ C:\Windows\MEMORY.DMP
2019-01-31 16:49 - 2019-01-31 16:49 - 000825464 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.01.wav
2019-01-31 16:48 - 2019-01-31 16:49 - 000733304 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.02.wav
2019-01-31 16:48 - 2019-01-31 16:48 - 000733304 _____ C:\Users\Ivo Brož\Desktop\Alien.Woosh.03.wav
2019-01-31 16:37 - 2019-01-31 16:37 - 000785664 _____ C:\Users\Ivo Brož\Desktop\Space.Ship.Fly.By.05.wav
2019-01-31 12:57 - 2019-01-31 12:57 - 000563842 _____ C:\Users\Ivo Brož\Desktop\Scanner.wav
2019-01-30 15:50 - 2019-01-30 15:50 - 000698556 _____ C:\Users\Ivo Brož\Desktop\Pruvodce_zivotem_abstinenci_0.pdf
2019-01-30 14:50 - 2019-01-30 14:54 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Doklady
2019-01-26 15:47 - 2019-01-26 15:47 - 000421805 _____ C:\Users\Ivo Brož\Desktop\Palačinky.htm
2019-01-26 15:47 - 2019-01-26 15:47 - 000383115 _____ C:\Users\Ivo Brož\Desktop\Americké lívance.htm
2019-01-26 15:25 - 2019-01-26 15:47 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Palačinky_soubory
2019-01-26 15:23 - 2019-01-26 15:47 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Americké lívance_soubory
2019-01-26 14:52 - 2019-01-26 14:52 - 000510384 _____ C:\Users\Ivo Brož\Desktop\Rychlá bábovka.htm
2019-01-26 14:49 - 2019-01-26 14:52 - 000000000 ____D C:\Users\Ivo Brož\Desktop\Rychlá bábovka_soubory
2019-01-25 22:41 - 2019-01-25 22:41 - 000000811 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-25 16:46 - 2019-01-25 16:46 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Daum
2019-01-24 21:40 - 2019-01-24 21:44 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\vlc
2019-01-24 21:39 - 2019-01-24 21:39 - 000000866 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-24 21:39 - 2019-01-24 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-01-23 17:51 - 2019-01-24 21:38 - 000000000 ____D C:\Program Files\VideoLAN
2019-01-22 18:21 - 2019-01-22 18:21 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\360CloudEnterprise
2019-01-22 18:16 - 2019-01-22 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2019-01-21 20:27 - 2019-01-22 17:34 - 000262522 _____ C:\Windows\ntbtlog.txt
2019-01-21 10:23 - 2019-02-05 18:33 - 000000000 ____D C:\FRST
2019-01-20 20:18 - 2018-12-12 17:33 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 18:19 - 2019-01-16 18:19 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 18:19 - 2019-01-16 18:19 - 000001978 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-05 18:32 - 2016-10-30 10:53 - 000000000 ____D C:\Users\Ivo Brož\.rainlendar2
2019-02-05 18:31 - 2018-09-30 18:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Local\AVAST Software
2019-02-05 18:30 - 2008-04-17 13:36 - 000644548 _____ C:\Windows\system32\perfh005.dat
2019-02-05 18:30 - 2008-04-17 13:36 - 000137186 _____ C:\Windows\system32\perfc005.dat
2019-02-05 18:30 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-02-05 18:30 - 2006-11-02 11:33 - 001530430 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-05 18:14 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-05 18:14 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-05 18:12 - 2016-11-05 09:02 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-05 14:13 - 2015-12-09 15:43 - 000000000 ____D C:\Program Files\Dropbox
2019-02-05 11:12 - 2016-11-05 09:02 - 000000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-05 08:18 - 2016-11-17 10:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\Mozilla
2019-02-05 08:15 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-04 20:54 - 2018-12-16 19:59 - 000000000 ____D C:\Program Files\RQMONEY
2019-02-04 20:10 - 2016-01-25 11:37 - 000000000 ____D C:\Program Files\CCleaner
2019-02-04 20:09 - 2015-12-03 15:08 - 000004268 _____ C:\Windows\bthservsdp.dat
2019-02-04 20:09 - 2006-11-02 14:01 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-03 16:47 - 2015-12-09 17:18 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\uTorrent
2019-02-03 16:00 - 2016-01-29 10:50 - 000000000 ____D C:\Program Files\PotPlayer
2019-02-03 07:50 - 2015-12-03 10:46 - 000000000 ____D C:\Users\Ivo Brož
2019-01-31 15:15 - 2016-07-30 11:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Audacity
2019-01-25 22:25 - 2016-01-29 10:55 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\PotPlayerMini
2019-01-22 18:22 - 2018-03-25 07:42 - 000000000 ____D C:\Program Files\360
2019-01-22 18:16 - 2018-03-23 14:52 - 000000000 ____D C:\ProgramData\IObit
2019-01-22 09:58 - 2016-09-24 10:07 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-01-21 19:32 - 2016-02-13 21:46 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-01-21 15:09 - 2016-12-11 12:10 - 000000000 ____D C:\AdwCleaner
2019-01-19 11:07 - 2017-11-21 07:16 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-16 18:19 - 2015-12-16 03:08 - 000000000 ____D C:\Program Files\Google
2019-01-14 13:37 - 2016-08-19 13:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Acrylic Wi-Fi Professional
2019-01-14 13:33 - 2016-07-25 12:50 - 000000218 _____ C:\Users\Ivo Brož\advanced_ip_scanner_MAC.bin
2019-01-09 08:24 - 2015-12-07 20:47 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:24 - 2015-12-07 20:47 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:24 - 2015-12-07 20:47 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2015-12-10 22:50 - 2018-04-07 20:41 - 000000132 _____ () C:\Users\Ivo Brož\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-12-10 19:20 - 2015-12-10 19:20 - 000023888 _____ () C:\Users\Ivo Brož\AppData\Roaming\UserTile.png
2017-08-30 15:17 - 2017-11-27 01:25 - 000001480 _____ () C:\Users\Ivo Brož\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-03 10:46 - 2016-12-11 16:08 - 000007916 _____ () C:\Users\Ivo Brož\AppData\Local\d3d9caps.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-05 08:22

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 4-02-2019
Ran by Ivo Brož (05-02-2019 18:34:51)
Running from C:\Users\Ivo Brož\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2015-12-03 17:38:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-698314851-3235763532-1396065412-500 - Administrator - Disabled)
Guest (S-1-5-21-698314851-3235763532-1396065412-501 - Limited - Enabled)
Ivo Brož (S-1-5-21-698314851-3235763532-1396065412-1000 - Administrator - Enabled) => C:\Users\Ivo Brož

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AC3Filter 2.0a (HKLM\...\AC3Filter_is1) (Version: 2.0a - Alexander Vigovsky)
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Acrylic Wi-Fi Professional v3.0 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{FBD2EDDA-2B1B-49A2-9147-99CBCC5F10E5}_is1) (Version: 3.0 - Tarlogic Security S.L.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1502, 20.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
Atomic Alarm Clock 6.20 (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Canon CanoScan Toolbox 5.0 (HKLM\...\CanoScan Toolbox 5.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Dropbox (HKLM\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
eCookBook 4.5.2 (HKLM\...\{AA09EB40-138D-4331-B39D-D79CBA6A994C}_is1) (Version: 4.5.2 - Eugen Lety)
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.230.0 - International GeoGebra Institute)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
IObit Unlocker (HKLM\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java DB 10.6.2.1 (HKLM\...\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}) (Version: 10.6.2.1 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
K-Lite Codec Pack 11.5.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LAV Filters 0.67 (HKLM\...\lavfilters_is1) (Version: 0.67 - Hendrik Leppkes)
MediaInfo 0.7.89 (HKLM\...\MediaInfo) (Version: 0.7.89 - MediaArea.net)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKVToolNix 9.9.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.9.0 - Moritz Bunkus)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
Nexus 16.9 (HKLM\...\Winstep Xtreme_is1) (Version: - )
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
Ovládací panel NVIDIA 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 310.90 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PotPlayer (HKLM\...\PotPlayer) (Version: 1.7.16291 - Kakao Corp.)
PowerISO (HKLM\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Recepty doma (HKLM\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Subtitle Edit 3.4.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.9.0 - Nikse)
SugarSync Manager (HKLM\...\SugarSync) (Version: 1.9.80.99361 - SugarSync, Inc.)
USB Multi-Channel Audio Device (HKLM\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0005 - C-Media Electronics, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCell Compiler 2.3.6 (HKLM\...\XCell Compiler) (Version: 2.3.6 - DoneEx)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006A8993-78AC-45C6-9CDB-8EEC94B7CAEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1A98C338-38C7-4C81-9BC8-74DD98BEC0C1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {292902AB-606E-46EE-98FF-F59D7A329613} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3574DA2E-9638-42B0-B302-E0FC44BD852B} - System32\Tasks\AdobeAAMUpdater-1.0-broz-nb-Ivo Brož => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-12-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {415851D0-1958-40B9-B343-5BBF36E7E21C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {67C1C463-2F04-46C1-85E6-C7DC7E7EF286} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {709F5BE2-8B43-4614-BCF3-A4438986850B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Task: {92751818-17C1-4488-817A-09FABD01B171} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AFE10FAC-B0EF-48BA-BE00-570D27EAED91} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {BE5A01FD-811C-4A69-8B94-406CF3E511C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {DBF56899-01E2-43F2-80C6-88C327E243AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2016-03-22 13:33 - 2013-06-07 02:06 - 001147392 _____ () C:\Program Files\Atomic Alarm Clock\Clock.dll
2014-05-01 15:15 - 2016-11-30 06:05 - 000564736 _____ () C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll
2008-08-13 20:59 - 2008-08-13 20:59 - 000100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
2018-12-12 17:33 - 2018-12-12 17:33 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-02-05 16:21 - 2019-02-05 16:21 - 005773456 _____ () C:\Program Files\AVAST Software\Avast\defs\19020502\algo.dll
2016-01-31 09:53 - 2012-09-18 15:26 - 000169472 _____ () C:\Windows\System32\zlhp1020.dll
2016-01-31 09:54 - 2012-09-18 15:26 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-03-22 13:33 - 2013-04-24 18:20 - 002007040 _____ () C:\Program Files\Atomic Alarm Clock\timeserv.exe
2015-12-28 12:06 - 2003-10-23 04:17 - 000069120 _____ () C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
2016-02-20 07:59 - 2016-02-17 08:02 - 000020352 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 002739240 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2015-08-14 07:31 - 2015-08-14 07:31 - 000252928 _____ () C:\Program Files\Rainlendar2\libical.dll
2015-08-14 07:31 - 2015-08-14 07:31 - 000051200 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2014-05-04 11:48 - 2014-05-04 11:48 - 000197632 _____ () C:\Program Files\Rainlendar2\lua52.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 000068136 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2015-11-13 12:58 - 2015-11-13 12:58 - 000235560 _____ () C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2014-05-04 11:49 - 2014-05-04 11:49 - 000027648 _____ () C:\Program Files\Rainlendar2\lfs.dll
2017-11-12 16:23 - 2012-06-08 20:40 - 001086176 _____ () C:\Program Files\Winstep\wodTelnetDLX.dll
2017-11-21 07:15 - 2017-11-21 07:15 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-02-05 16:21 - 000000877 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Samsung\Samsung PC Studio 3\
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.150.237 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{08DD6062-1E2E-451B-B20A-60F7C9FFDBA9}] => (Allow) LPort=80
FirewallRules: [{B273ED47-F80D-406A-8F16-347EC8EC5446}] => (Allow) LPort=80
FirewallRules: [{4FB3F07B-0DCA-4802-87AC-EDA5D601DFA3}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DD36DB1F-250E-41A5-A85B-EF47F7ACC859}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{DA72B481-3B69-48D1-9F28-0424C9153B59}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{583183BD-09D8-4E27-8881-A8EA81ACAF36}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{2B79F693-9213-46F9-AE06-9FFCDA0323BD}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [{DE774DC2-BD32-4AC5-8DEA-92A29216FF8C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE2F8922-23C5-476B-B1CD-98AFB31BC2F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DEEC08F7-A0B9-43A2-BB48-092997BAD930}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0E27ED6F-61DB-4900-9BAA-A27CCED0D5B9}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{62B1331D-7951-4A39-801E-53C7D203B7A8}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [{03CC05EC-281A-4BEB-88D0-B21E4B0754E6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security SL -> Tarlogic Security S.L.)
FirewallRules: [{1F1A5A56-AA1F-47B4-8733-3B57654860F6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security SL -> Tarlogic Security S.L.)
FirewallRules: [{1E0AA980-0B4B-46F1-BB8F-AE80D9CD5E40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{57622297-F076-4654-8D29-F77D549215D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{62F07C6D-43D9-4BB6-B3AE-3006F15FF0F0}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{64C4E2B3-6157-4F8D-9490-71ABD433DB24}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{08E96C80-D5CC-4816-AB74-2F79918D1346}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{FD23FA26-F72A-44A4-8CDA-A29EE1F0CCA0}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [TCP Query User{AEEEBF1B-B63B-419F-82DC-82FA54D36845}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{D7140E4C-C781-4BC7-B9E7-ED7D0F23DBDA}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{02EFEA7A-004D-4AC5-A87B-428406B2271E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{79CA22F6-0B16-44C3-8777-D41D83E9A2EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F6987523-D159-487E-801C-64C072D57CF4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{39789F12-1381-4CBC-8D61-FD0B6AEF7043}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{A2581BC8-DD79-423B-816E-303087E30B50}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{40C642FD-2269-405E-89A2-33792ADD9A68}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Restore Points =========================

05-02-2019 09:55:42 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2019 08:20:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\RXBGIG8Q.DEFAULT\SAFEBROWSING-TO_DELETE> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/05/2019 08:20:33 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\RXBGIG8Q.DEFAULT\SAFEBROWSING> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/05/2019 08:20:33 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\RXBGIG8Q.DEFAULT\SAFEBROWSING> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/05/2019 08:16:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/05/2019 03:26:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/04/2019 08:12:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/04/2019 08:07:57 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\RXBGIG8Q.DEFAULT\SAFEBROWSING-TO_DELETE> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (02/04/2019 08:07:56 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\IVO BROŽ\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\RXBGIG8Q.DEFAULT\SAFEBROWSING-TO_DELETE> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)


System errors:
=============
Error: (02/05/2019 08:18:53 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001

Error: (02/05/2019 08:16:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (02/05/2019 08:15:06 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: Event-ID 412

Error: (02/05/2019 08:14:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:14:01, 5.2.2019) bylo neočekávané.

Error: (02/05/2019 03:30:21 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001

Error: (02/05/2019 03:28:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/05/2019 03:28:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (02/05/2019 03:26:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswbIDSAgent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===================================

Date: 2017-11-26 20:16:33.748
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.551
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.353
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:33.123
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.732
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.536
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-26 20:16:32.103
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.1.7601.17514_none_7194784c1e85df7d\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 72%
Total physical RAM: 3070.16 MB
Available physical RAM: 842.54 MB
Total Virtual: 6355.34 MB
Available Virtual: 3878.88 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:298.09 GB) (Free:1.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (SSD) (Fixed) (Total:111.79 GB) (Free:5.64 GB) NTFS
Drive e: (My CDROM) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 03DA0763)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 92A1476C)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Thanks, Ivo.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Spontaneous notebook restarts

#15 Post by Diallix »

Can you tell me which program or programs put the most load on the system?