Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu záseky systému, kolečko nejde vypnout

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Prosím o kontrolu záseky systému, kolečko nejde vypnout

#1 Příspěvek od hrdinaj »

Logfile of random's system information tool 1.10 (written by random/random)
Run by m at 2019-02-06 10:52:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 264 GB (28%) free of 954 GB
Total RAM: 8010 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:52:40, on 6.2.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\m\Downloads\esetonlinescanner_csy.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe
C:\Program Files\Bandizip\updater.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files\trend micro\m.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files (x86)\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SFM 4 B2 Mouse Driver] C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-437069544-115546471-2938306295-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-437069544-115546471-2938306295-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Mediatek Wireless Utility.lnk = C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
O4 - Global Startup: SPDriverInstall.lnk = ?
O8 - Extra context menu item: Download all with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlall.htm
O8 - Extra context menu item: Download selected with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlselected.htm
O8 - Extra context menu item: Download with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dllink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MediatekRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
O23 - Service: MediatekRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14806 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"taskhost.exe"
taskeng.exe {29CE573B-267D-4239-8E9B-BDA4A2B27DA6}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe"
"C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe"
"C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
taskeng.exe {CEA378EA-C7BD-4ED4-A09A-C08A3F16D210}
"C:\Program Files\Software Informer\softinfo.exe" -service
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\WinZip\WzPreloader.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
"C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
AvastUI.exe /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Users\m\Downloads\esetonlinescanner_csy.exe" EULA UPDATED
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9508.0.648119334\400247890" -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\m\AppData\LocalLow\Mozilla\Temp-{8c640b68-9aa3-4fb1-b293-a7722203af41}" 9508 "\\.\pipe\gecko-crash-server-pipe.9508" 1160 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9508.6.1401578408\334531787" -childID 1 -isForBrowser -prefsHandle 2424 -prefMapHandle 2116 -prefsLen 1 -prefMapSize 194675 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9508 "\\.\pipe\gecko-crash-server-pipe.9508" 1888 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9508.13.1650281216\431282187" -childID 2 -isForBrowser -prefsHandle 2644 -prefMapHandle 2376 -prefsLen 35 -prefMapSize 194675 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9508 "\\.\pipe\gecko-crash-server-pipe.9508" 2260 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9508.20.1094869661\1684364528" -childID 3 -isForBrowser -prefsHandle 2808 -prefMapHandle 2812 -prefsLen 1362 -prefMapSize 194675 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9508 "\\.\pipe\gecko-crash-server-pipe.9508" 2824 tab
"C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost_manifest.json" firefoxdav@icloud.com
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9508.27.1331214208\1206569201" -childID 4 -isForBrowser -prefsHandle 3040 -prefMapHandle 3036 -prefsLen 7230 -prefMapSize 194675 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9508 "\\.\pipe\gecko-crash-server-pipe.9508" 3696 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9508.34.2078655397\1725588278" -childID 5 -isForBrowser -prefsHandle 7800 -prefMapHandle 7900 -prefsLen 7230 -prefMapSize 194675 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9508 "\\.\pipe\gecko-crash-server-pipe.9508" 7872 tab
"C:\Program Files\Bandizip\Bandizip.exe" "C:\Users\m\Downloads\fwpoptvka.zip"
"C:\Program Files\Bandizip\updater.exe"
"C:\Program Files\Bandizip\Bandizip.exe" "C:\Users\m\Downloads\fwpoptvka.zip"
"C:\Program Files\Bandizip\Bandizip.exe" "C:\Users\m\Downloads\fwpoptvka.zip"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\m\AppData\Local\Temp\BNZ.5c5aa9a1221b0f\podia + střechy obrázek.pdf"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" --type=renderer "C:\Users\m\AppData\Local\Temp\BNZ.5c5aa9a1221b0f\podia + střechy obrázek.pdf"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --locale=cs_cz --backgroundcolor=16514043
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=887559062088F51FA141A168FF31D255 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=887559062088F51FA141A168FF31D255 --renderer-client-id=8 --mojo-platform-channel-handle=1632 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=3FCC82D1EA0235B79003B78D058B41B8 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=3FCC82D1EA0235B79003B78D058B41B8 --renderer-client-id=10 --mojo-platform-channel-handle=1400 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=12A38D5A3EED3C65997AE2985903E0DE --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=12A38D5A3EED3C65997AE2985903E0DE --renderer-client-id=12 --mojo-platform-channel-handle=1060 --allow-no-sandbox-job /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\m\Downloads\RSITx64(1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\WinThruster64-m-Notification.job - C:\Program Files\Solvusoft\WinThruster\Sync.exe

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#3 Příspěvek od hrdinaj »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-06-2019
# Duration: 00:00:17
# OS: Windows 7 Home Premium
# Cleaned: 48
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare V7
Deleted C:\Users\m\AppData\Roaming\IObit\Advanced SystemCare V7
Deleted C:\ProgramData\IObit\Advanced SystemCare V8
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted C:\Users\m\AppData\LocalLow\IObit\Advanced SystemCare V8
Deleted C:\Users\m\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
Deleted C:\Program Files\FileViewPro
Deleted C:\Users\m\AppData\Local\FileViewPro
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\m\AppData\Roaming\Seznam.cz
Deleted C:\ProgramData\Solvusoft
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
Deleted C:\Program Files\Solvusoft
Deleted C:\Program Files (x86)\Solvusoft
Deleted C:\Users\m\AppData\Roaming\Solvusoft

***** [ Files ] *****

Deleted C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\2lies6hh.default-1435645450628\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|CommonToolkitTray_Solvusoft
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|hshhsaaaws
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8
Deleted HKLM\Software\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8
Deleted HKLM\Software\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8
Deleted HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe
Deleted HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted HKLM\Software\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.szndesktop
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster
Deleted HKCU\Software\Solvusoft
Deleted HKLM\Software\Solvusoft
Deleted HKLM\SOFTWARE\CLASSES\APPLICATIONS\SolvusoftTray.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\WinThruster.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinThruster.exe
Deleted HKLM\Software\Common Toolkit Suite
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\5556309623D8EAC478D3B24F6A68D7B0

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5650 octets] - [06/02/2019 11:12:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#4 Příspěvek od Diallix »

Poprosim o nove logy FRST ADDITION.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#5 Příspěvek od hrdinaj »

Logfile of random's system information tool 1.10 (written by random/random)
Run by m at 2019-02-06 11:29:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 264 GB (28%) free of 954 GB
Total RAM: 8010 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:29:50, on 6.2.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\m.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files (x86)\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SFM 4 B2 Mouse Driver] C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-437069544-115546471-2938306295-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-437069544-115546471-2938306295-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Mediatek Wireless Utility.lnk = C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
O4 - Global Startup: SPDriverInstall.lnk = ?
O8 - Extra context menu item: Download all with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlall.htm
O8 - Extra context menu item: Download selected with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlselected.htm
O8 - Extra context menu item: Download with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dllink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MediatekRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
O23 - Service: MediatekRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14230 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {17FD89D8-3941-48A2-BF65-D02415BECD91}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true
"taskhost.exe"
taskeng.exe {CEC7959E-19C3-4886-902A-3150AE061359}
"C:\Program Files\Software Informer\softinfo.exe" -service
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\WinZip\WZUpdateNotifier.exe"
"C:\Program Files\WinZip\WzPreloader.exe"
AvastUI.exe /nogui
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe"
"C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe"
"C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4232.0.961585515\1829716907" -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\m\AppData\LocalLow\Mozilla\Temp-{8c640b68-9aa3-4fb1-b293-a7722203af41}" 4232 "\\.\pipe\gecko-crash-server-pipe.4232" 1188 gpu
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4232.6.1314501824\433852664" -childID 1 -isForBrowser -prefsHandle 2444 -prefMapHandle 2440 -prefsLen 1 -prefMapSize 194586 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4232 "\\.\pipe\gecko-crash-server-pipe.4232" 2464 tab
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4232.20.1833496710\161464588" -childID 3 -isForBrowser -prefsHandle 2780 -prefMapHandle 2784 -prefsLen 177 -prefMapSize 194586 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4232 "\\.\pipe\gecko-crash-server-pipe.4232" 2796 tab
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4232.27.102330887\1367784430" -childID 4 -isForBrowser -prefsHandle 3160 -prefMapHandle 3068 -prefsLen 5031 -prefMapSize 194586 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4232 "\\.\pipe\gecko-crash-server-pipe.4232" 3124 tab
"C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost_manifest.json" firefoxdav@icloud.com
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4232.41.1728306628\804736786" -childID 6 -isForBrowser -prefsHandle 7396 -prefMapHandle 7452 -prefsLen 6097 -prefMapSize 194586 -schedulerPrefs 0001,2 -parentBuildID 20190124174741 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4232 "\\.\pipe\gecko-crash-server-pipe.4232" 7404 tab
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\m\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\WinThruster64-m-Notification.job - C:\Program Files\Solvusoft\WinThruster\Sync.exe

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#6 Příspěvek od Diallix »

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#7 Příspěvek od hrdinaj »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by m (06-02-2019 11:37:40)
Running from C:\Users\m\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVD43 v4.6.0 (HKLM-x32\...\DVD43_is1) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HOLMImpulse (HKLM\...\{97D1B7D2-4428-4B1A-B676-1C4AC877EC5B}) (Version: 01.04.0200 - HOLM Acoustics)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IPCameraSearchTool version 1.0.0.2 (HKLM-x32\...\{4EABBC6B-B00B-41E1-AA7E-88925CDA6BDE}_is1) (Version: 1.0.0.2 - NEO)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
iTV - televizní program 1.7.756 (HKLM-x32\...\iTV - televizní program_is1) (Version: - Milan Vyšata)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KiCad 4.0.5 (HKLM-x32\...\KiCad) (Version: 4.0.5 - KiCad)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM\...\{AAFA253A-08A9-46A8-AB30-B4C26E578424}) (Version: 2.6 - Lexicon) Hidden
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MP3 Speed Changer 3.01 (HKLM-x32\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.30 - NVIDIA Corporation) Hidden
P2P BLOW PC (HKLM-x32\...\{40EF2025-5FDE-4033-AE73-942CBBC2BAFE}) (Version: 3.0.2.6 - hi)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
Room EQ Wizard 5.16 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.16 - John Mulcahy)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SFM 4 B2 Mouse Driver (HKLM-x32\...\{865865F2-6748-4710-99DC-5248204D8FD4}_is1) (Version: 1.0 - )
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.082 - Aten International Co., Ltd.)
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version: - )
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.40 - NCH Software)
web control version 3.0.4.0 (HKLM-x32\...\{3D8D219C-0362-457F-B847-2FC07C2BE520}_is1) (Version: 3.0.4.0 - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.5371 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version: - )
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ShellIconOverlayIdentifiers-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2: [InCDShellExt] -> {09bffb91-ecda-4149-bcfd-d87a345c219e} => C:\Program Files\Nero\Tools\InCD\InCDshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers2: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C51C327-9E18-481E-8194-45FC00B1F650} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C996BD2-9C49-4A0F-B792-4E50A1F8D30A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {15819AD5-E153-4F8D-AB3F-D043A95E8890} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {287CB1BA-7C34-4DFC-B6A8-99BD24065573} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc -> Google Inc.)
Task: {543F12F2-DCA1-49D8-89A3-D49494B804DF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {55332257-EA06-49C3-82A5-BA19DEEF45DE} - System32\Tasks\WinThruster64-m-Notification => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc -> Google Inc.)
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {5BC44BC8-277D-4534-A828-EC6BA64EE5B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {69855024-184A-4E92-8E54-EEB6097BA5EA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {92C2D418-D10A-4430-B362-208E4FEC92E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A413B4F4-B7DA-4B15-91E6-A2A1DCEDACC3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {A8C24962-0FF0-45FD-8362-252A11C00111} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B00FE2D2-28D4-4E0C-B79F-386DE6BC8099} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => c:\program files (x86)\opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C057EADB-886A-4CF5-978A-CC5D496CED3D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {CC4A4CC9-B09D-4644-9389-E6F4DC92729E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {E36B06F1-CC42-4603-99EB-2613FA943AF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2019-01-15] (Apple Inc. -> Apple Inc.)
Task: {F1752DA7-A09C-40AC-AE21-55E19174BA32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\WinThruster64-m-Notification.job => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2014-11-04 21:23 - 2013-02-20 20:24 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-06 08:53 - 2019-02-06 08:53 - 006953616 _____ () C:\Program Files\AVAST Software\Avast\defs\19020506\algo64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2015-11-25 13:20 - 2011-04-11 06:26 - 000034304 _____ () C:\Windows\System32\spd__l.dll
2012-02-28 09:07 - 2012-02-28 09:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-23 16:33 - 2019-01-23 16:33 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2019-01-23 16:33 - 2019-01-23 16:33 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 002160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 012621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 002111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 065771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 002129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 000087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2019-01-09 10:28 - 2018-05-14 17:58 - 000614400 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
2017-04-11 03:17 - 2017-04-11 03:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-01-04 19:54 - 2013-05-14 10:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-10-23 20:19 - 2018-09-10 15:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-05-17 17:36 - 2014-08-06 03:37 - 001203856 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2019-01-09 10:28 - 2018-06-15 09:11 - 000057344 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\lan.dll
2019-01-09 10:28 - 2018-05-05 17:26 - 000040960 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\KBHook.dll
2016-10-31 21:23 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-31 21:23 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-31 21:23 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-06 10:52 - 000000053 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\VDownloader
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SpyEmergency => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9718987-A706-4E5E-B197-F06A46C9ADCE}] => (Allow) C:\Windows\System32\SUPDSvc2.exe (Samsung Electronics CO., LTD. -> Samsung Electronics)
FirewallRules: [{E0EF0E0B-773B-427F-8F5D-015BF05B1741}] => (Allow) C:\Windows\System32\SUPDSvc2.exe (Samsung Electronics CO., LTD. -> Samsung Electronics)
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [{5A9DAF23-1BDA-4D22-B042-5B73C51033FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{70726B43-9489-46B2-BBE6-BBFE111FE70B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4BC76D47-DA8A-40B2-B030-0149EF164B58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{861CA53B-C3DA-44F0-827A-D5E7ACB5CAFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4CB14BCD-F281-40DB-8244-27252D716E16}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [UDP Query User{BFEB0B56-1E32-4ABA-AFD9-C4F9DE4DAAC5}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{9763EE5A-4224-4C22-8580-019A896BD084}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{482391F7-5765-4453-A227-E962EAA3775E}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{E9CB7E75-A617-4692-A21A-EEB3D262C24E}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{979B30FB-1233-4A70-B73E-4D06E4267750}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{FF7F1723-77C8-4EAD-8F57-D5AC57A5B862}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{C90EE39F-A3A7-45A2-8BCB-AE5DDCE6EC43}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{DB8965D5-20DE-4C07-8B5E-CBDAAC621692}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.)
FirewallRules: [TCP Query User{C462EB39-23FE-453F-93E4-EE1F68AFF93B}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{9C96CCC4-DA6F-4B64-A52E-C237FF178C63}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{8758BCD8-75E3-4363-A89A-497F572C0A70}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{B1C0C7DC-5BB5-4966-9116-01E16198D1A0}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [{5C51827B-E6BE-46A9-9178-81B3F4C585CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0DBC307-3A18-4667-930E-962FE47E6B43}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CFD45019-6B43-416F-A72B-53BD0257AE48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C3F7E535-E896-4554-AD9A-32B4D49D5BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA08D84A-C7AE-4A3D-85A6-6E9A2555341D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F738F4B4-DD69-4F32-9FE6-83A00DC14AF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F2FDE267-D526-4B44-AAFD-9C4BC8DE7BD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{365C2984-9886-4DCE-84E8-DD0C25052502}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{4B0C1C79-A5E7-4C91-83DA-F90EF6B5DFF6}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F037DB64-4874-4CD8-BCD9-DE01D6532CF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{AF1C28C7-07F0-4635-A10A-F591363C6605}] => (Allow) c:\program files (x86)\opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C732C861-AA83-4321-87F3-376FBE461D61}] => (Allow) c:\program files (x86)\opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AB646575-766D-43DB-8D9F-6E84602A80F3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67B189C0-45C8-46F8-8C08-E17BA5471F2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A6746D53-8E30-4A4B-9708-94961D52283F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{B7F5A355-6827-4160-8C60-FAC4C100C774}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E09FC95-4BBB-40CD-8CD0-DF2640BBB68E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{821B8B2D-DF90-49BB-BA29-F741FE5CA62A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

18-12-2018 10:20:42 Naplánovaný kontrolní bod
26-12-2018 10:22:03 Naplánovaný kontrolní bod
04-01-2019 20:55:27 Naplánovaný kontrolní bod
11-01-2019 09:16:28 Installed Rapport
21-01-2019 09:34:10 Naplánovaný kontrolní bod
28-01-2019 10:59:27 Naplánovaný kontrolní bod
05-02-2019 09:24:41 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2019 11:19:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/06/2019 10:59:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 10:20:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 65.0.0.6963, časové razítko: 0x5c34ddf7
Název chybujícího modulu: xul.dll, verze: 65.0.0.6963, časové razítko: 0x5c34df71
Kód výjimky: 0x80000003
Posun chyby: 0x00000000042d3dfc
ID chybujícího procesu: 0x770
Čas spuštění chybující aplikace: 0x01d4bdfa5889dcd1
Cesta k chybující aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll
ID zprávy: 7a99449b-29f0-11e9-ad22-68942328a45a

Error: (02/06/2019 10:00:37 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 09:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/06/2019 09:02:41 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 08:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 08:52:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.


System errors:
=============
Error: (02/06/2019 11:19:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/06/2019 11:19:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/06/2019 11:19:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo časového limitu (30000 ms).

Error: (02/06/2019 11:19:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105

Error: (02/06/2019 11:18:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/06/2019 11:18:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device Service bylo dosaženo časového limitu (30000 ms).

Error: (02/06/2019 11:12:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/06/2019 11:12:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba InCD Helper byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2015-11-27 02:55:34.420
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1036,ProcessStart:130930626677479684;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-11-25 16:19:33.708
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1800,ProcessStart:130929380506725339;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-11-24 09:34:35.982
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;process:pid:1988,ProcessStart:130918761752753436
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2015-08-21 08:10:44.237
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll;file:C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll;file:C:\Program Files (x86)\MiuiTab\BrowserAction.dll;file:C:\Program Files (x86)\MiuiTab\conf;file:C:\Program Files (x86)\MiuiTab\defsearchp@gmail.com!1.0.0.1039.xpi;file:C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi;file:C:\Program Files (x86)\MiuiTab\IeWatchDog.dll;file:C:\Program Files (x86)\MiuiTab\install.data;file:C:\Program Files (x86)\MiuiTab\msvcp110.dll;file:C:\Program Files (x86)\MiuiTab\msvcr110.dll;file:C:\Program Files (x86)\MiuiTab\searchProvider.xml;file:C:\Program Files (x86)\MiuiTab\skin\about.png;file:C:\Program Files (x86)\MiuiTab\skin\about_bk.png;file:C:\Program Files (x86)\MiuiTab\skin\btn.png;file:C:\Program Files (x86)\MiuiTab\skin\btn_apply.png;file:C:\Program Files (x86)\MiuiTab\skin\close.png;file:C:\Program Files (x86)\MiuiTab\skin\conf.xml;file:C:\Program Files (x86)\MiuiTab\skin\conf_back.png;file:C:\Program Files (x86)\MiuiTab\skin\input_bk.png;file:C:\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2015-08-21 08:04:21.468
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\nWinManPron\ProtectWindowsManager.exe;process:pid:1436,ProcessStart:130845279859304763
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2015-04-22 12:57:49.182
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-12-27 18:27:08.665
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 18:27:08.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 18:26:22.818
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.506
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.312
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 58%
Total physical RAM: 8010.36 MB
Available physical RAM: 3361.6 MB
Total Virtual: 16018.88 MB
Available Virtual: 11073.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:257.95 GB) NTFS

\\?\Volume{de627543-639c-11e4-b131-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ===================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#8 Příspěvek od Diallix »

Este poprosim o log FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#9 Příspěvek od hrdinaj »

dditional scan result of Farbar Recovery Scan Tool (x64) Version:13-09-2015 02
Ran by m (2019-02-06 12:21:20)
Running from C:\Users\m\Documents\bordel plocha
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVD43 v4.6.0 (HKLM-x32\...\DVD43_is1) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HOLMImpulse (HKLM\...\{97D1B7D2-4428-4B1A-B676-1C4AC877EC5B}) (Version: 01.04.0200 - HOLM Acoustics)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IPCameraSearchTool version 1.0.0.2 (HKLM-x32\...\{4EABBC6B-B00B-41E1-AA7E-88925CDA6BDE}_is1) (Version: 1.0.0.2 - NEO)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
iTV - televizní program 1.7.756 (HKLM-x32\...\iTV - televizní program_is1) (Version: - Milan Vyšata)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KiCad 4.0.5 (HKLM-x32\...\KiCad) (Version: 4.0.5 - KiCad)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Alpha Driver (Version: 2.6 - Lexicon) Hidden
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MP3 Speed Changer 3.01 (HKLM-x32\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
P2P BLOW PC (HKLM-x32\...\{40EF2025-5FDE-4033-AE73-942CBBC2BAFE}) (Version: 3.0.2.6 - hi)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Rapport (x32 Version: 3.5.1930.243 - Trusteer) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
Room EQ Wizard 5.16 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.16 - John Mulcahy)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SFM 4 B2 Mouse Driver (HKLM-x32\...\{865865F2-6748-4710-99DC-5248204D8FD4}_is1) (Version: 1.0 - )
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.082 - Aten International Co., Ltd.)
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version: - )
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.40 - NCH Software)
web control version 3.0.4.0 (HKLM-x32\...\{3D8D219C-0362-457F-B847-2FC07C2BE520}_is1) (Version: 3.0.4.0 - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.5371 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version: - )
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
Yamaha USB-MIDI Driver (Version: 3.1.4.1 - Yamaha Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Restore Points =========================

18-12-2018 10:20:42 Naplánovaný kontrolní bod
26-12-2018 10:22:03 Naplánovaný kontrolní bod
04-01-2019 20:55:27 Naplánovaný kontrolní bod
11-01-2019 09:16:28 Installed Rapport
21-01-2019 09:34:10 Naplánovaný kontrolní bod
28-01-2019 10:59:27 Naplánovaný kontrolní bod
05-02-2019 09:24:41 Naplánovaný kontrolní bod

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-06 10:52 - 00000053 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C51C327-9E18-481E-8194-45FC00B1F650} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software)
Task: {0C996BD2-9C49-4A0F-B792-4E50A1F8D30A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd)
Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {15819AD5-E153-4F8D-AB3F-D043A95E8890} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-17] (AVAST Software)
Task: {287CB1BA-7C34-4DFC-B6A8-99BD24065573} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {543F12F2-DCA1-49D8-89A3-D49494B804DF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {55332257-EA06-49C3-82A5-BA19DEEF45DE} - System32\Tasks\WinThruster64-m-Notification => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {5BC44BC8-277D-4534-A828-EC6BA64EE5B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-20] (AVAST Software)
Task: {69855024-184A-4E92-8E54-EEB6097BA5EA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {92C2D418-D10A-4430-B362-208E4FEC92E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {A413B4F4-B7DA-4B15-91E6-A2A1DCEDACC3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {A8C24962-0FF0-45FD-8362-252A11C00111} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B00FE2D2-28D4-4E0C-B79F-386DE6BC8099} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => c:\program files (x86)\opera\launcher.exe [2019-01-09] (Opera Software)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {C057EADB-886A-4CF5-978A-CC5D496CED3D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software)
Task: {CC4A4CC9-B09D-4644-9389-E6F4DC92729E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {DA097D21-849C-4E7A-9FA3-935B4B633408} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2017-10-18] (Microsoft Corporation)
Task: {E36B06F1-CC42-4603-99EB-2613FA943AF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2019-01-15] (Apple Inc.)
Task: {F1752DA7-A09C-40AC-AE21-55E19174BA32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\WinThruster64-m-Notification.job => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2014-11-04 21:23 - 2013-02-20 20:24 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 00667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-06 08:53 - 2019-02-06 08:53 - 06953616 _____ () C:\Program Files\AVAST Software\Avast\defs\19020506\algo64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 00550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 01967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 01175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2015-11-25 13:20 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2012-02-28 09:07 - 2012-02-28 09:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 93695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-23 16:33 - 2019-01-23 16:33 - 01356088 _____ () C:\Program Files\iTunes\libxml2.dll
2019-01-23 16:33 - 2019-01-23 16:33 - 00088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 02160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 12621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 00139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 00484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 02111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 00663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 00071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 65771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 02129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 00087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2019-01-09 10:28 - 2018-05-14 17:58 - 00614400 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
2017-04-11 03:17 - 2017-04-11 03:17 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-01-04 19:54 - 2013-05-14 10:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-10-23 20:19 - 2018-09-10 15:12 - 00085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 00667016 _____ () c:\Program Files\AVAST Software\Avast\StreamBack.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 01042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 00076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-05-17 17:36 - 2014-08-06 03:37 - 01203856 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2019-01-09 10:28 - 2018-06-15 09:11 - 00057344 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\lan.dll
2019-01-09 10:28 - 2018-05-05 17:26 - 00040960 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\KBHook.dll
2016-10-31 21:23 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-31 21:23 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-31 21:23 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SpyEmergency => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B9718987-A706-4E5E-B197-F06A46C9ADCE}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{E0EF0E0B-773B-427F-8F5D-015BF05B1741}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{5A9DAF23-1BDA-4D22-B042-5B73C51033FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{70726B43-9489-46B2-BBE6-BBFE111FE70B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4BC76D47-DA8A-40B2-B030-0149EF164B58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{861CA53B-C3DA-44F0-827A-D5E7ACB5CAFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{4CB14BCD-F281-40DB-8244-27252D716E16}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe
FirewallRules: [UDP Query User{BFEB0B56-1E32-4ABA-AFD9-C4F9DE4DAAC5}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe
FirewallRules: [{9763EE5A-4224-4C22-8580-019A896BD084}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe
FirewallRules: [{482391F7-5765-4453-A227-E962EAA3775E}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe
FirewallRules: [{E9CB7E75-A617-4692-A21A-EEB3D262C24E}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{979B30FB-1233-4A70-B73E-4D06E4267750}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{FF7F1723-77C8-4EAD-8F57-D5AC57A5B862}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe
FirewallRules: [{C90EE39F-A3A7-45A2-8BCB-AE5DDCE6EC43}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe
FirewallRules: [{DB8965D5-20DE-4C07-8B5E-CBDAAC621692}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
FirewallRules: [TCP Query User{C462EB39-23FE-453F-93E4-EE1F68AFF93B}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9C96CCC4-DA6F-4B64-A52E-C237FF178C63}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe
FirewallRules: [TCP Query User{8758BCD8-75E3-4363-A89A-497F572C0A70}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B1C0C7DC-5BB5-4966-9116-01E16198D1A0}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe
FirewallRules: [{5C51827B-E6BE-46A9-9178-81B3F4C585CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{B0DBC307-3A18-4667-930E-962FE47E6B43}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CFD45019-6B43-416F-A72B-53BD0257AE48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C3F7E535-E896-4554-AD9A-32B4D49D5BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CA08D84A-C7AE-4A3D-85A6-6E9A2555341D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F738F4B4-DD69-4F32-9FE6-83A00DC14AF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F2FDE267-D526-4B44-AAFD-9C4BC8DE7BD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{365C2984-9886-4DCE-84E8-DD0C25052502}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{4B0C1C79-A5E7-4C91-83DA-F90EF6B5DFF6}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [{F037DB64-4874-4CD8-BCD9-DE01D6532CF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AF1C28C7-07F0-4635-A10A-F591363C6605}] => (Allow) c:\program files (x86)\opera\57.0.3098.106\opera.exe
FirewallRules: [{C732C861-AA83-4321-87F3-376FBE461D61}] => (Allow) c:\program files (x86)\opera\57.0.3098.116\opera.exe
FirewallRules: [{AB646575-766D-43DB-8D9F-6E84602A80F3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{67B189C0-45C8-46F8-8C08-E17BA5471F2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{A6746D53-8E30-4A4B-9708-94961D52283F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{B7F5A355-6827-4160-8C60-FAC4C100C774}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1E09FC95-4BBB-40CD-8CD0-DF2640BBB68E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{821B8B2D-DF90-49BB-BA29-F741FE5CA62A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2019 11:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 11:19:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2019 10:59:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 10:20:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 65.0.0.6963, časové razítko: 0x5c34ddf7
Název chybujícího modulu: xul.dll, verze: 65.0.0.6963, časové razítko: 0x5c34df71
Kód výjimky: 0x80000003
Posun chyby: 0x00000000042d3dfc
ID chybujícího procesu: 0x770
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (02/06/2019 10:00:37 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 09:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2019 09:02:41 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 08:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 08:52:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (02/05/2019 07:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (02/06/2019 11:19:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (02/06/2019 11:19:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/06/2019 11:19:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo časového limitu (30000 ms).

Error: (02/06/2019 11:19:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105

Error: (02/06/2019 11:18:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/06/2019 11:18:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device Service bylo dosaženo časového limitu (30000 ms).

Error: (02/06/2019 11:12:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/06/2019 11:12:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba InCD Helper byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/06/2019 11:12:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/06/2019 11:12:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dritek WMI Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.


Microsoft Office:
=========================
Error: (02/06/2019 11:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/06/2019 11:19:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2019 10:59:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/06/2019 10:20:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe65.0.0.69635c34ddf7xul.dll65.0.0.69635c34df718000000300000000042d3dfc77001d4bdfa5889dcd1C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll7a99449b-29f0-11e9-ad22-68942328a45a

Error: (02/06/2019 10:00:37 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/06/2019 09:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2019 09:02:41 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/06/2019 08:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/06/2019 08:52:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... abNeplatné údaje.

Error: (02/05/2019 07:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity:
===================================
Date: 2016-12-27 18:27:08.665
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 18:27:08.579
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 18:26:22.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.586
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.506
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.426
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.247
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:01.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:01.760
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 8010.36 MB
Available physical RAM: 3064.87 MB
Total Virtual: 16018.88 MB
Available Virtual: 10690.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:257.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#10 Příspěvek od Diallix »

Ja potrbujem aj ten druhy log FRST.log
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#11 Příspěvek od hrdinaj »

Doufám, že ten je ten správný : Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-09-2015 02
Ran by m (administrator) on M-PC (06-02-2019 12:27:26)
Running from C:\Users\m\Documents\bordel plocha
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(WinZip) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-19] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124360 2017-04-19] (WinZip Computing, S.L.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [dvd43] => C:\Program Files (x86)\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [SFM 4 B2 Mouse Driver] => C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe [614400 2018-05-14] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10431176 2017-01-20] (FreeDownloadManager.org)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-11-16] (Samsung)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG)
ShellIconOverlayIdentifiers-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2017-05-17]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2016-09-17]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
Startup: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-03-06]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{464C6660-F1BE-4595-B543-DE14D7A085CE}: [DhcpNameServer] 109.205.75.22
Tcpip\..\Interfaces\{6F01AEF7-0D77-47A4-B029-C65780083693}: [DhcpNameServer] 178.17.0.11 178.17.0.12

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930854286339096&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 0AD95A27AF13D04D9447BD9B2E2B0761 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 28F55112567F11A7DBADE182EB0E2AFF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 6561DF71FFA8F9C488FEF0C602C8F88A URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 8B2130DBC0AEAA85CBFB5E9FEC1C1479 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab

FireFox:
========
FF ProfilePath: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF SearchEngineOrder.1: Amazon
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @google.com/lowebplugin -> C:\Windows\system32\nplowebplugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-10-04]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\firefoxdav@icloud.com.xpi [2017-11-12]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\sp@avast.com.xpi [2017-05-10]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\wrc@avast.com.xpi [2017-05-10]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-13]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-27]

Chrome:
=======
CHR Profile: C:\Users\m\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-24]
CHR Extension: (Dokumenty) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]
CHR Extension: (Disk Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]
CHR Extension: (IBM Security Rapport) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-07-24]
CHR Extension: (Seznam doplněk - Email) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-10-24]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-10-24]
CHR Extension: (YouTube) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-07]
CHR Extension: (Vyhledávání Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-07]
CHR Extension: (Avast SafePrice
Srovnání, výhodné nabídky, kupóny) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-27]
CHR Extension: (Avast Online Security) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-10-24]
CHR Extension: (Gmail) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-24]
CHR HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"]},"sessions":{"last_session_number":"2"},"speeddial":{"bookmarks_folder_guid":"2EC7F4FB-C78E-4F61-A095-7DE3904D2A7C","imported_to_bookmarks":true,"partners":{"blacklist":{"hxxp://www.facebook.com/":"20171003","hxxp://w ... ctionaries":["cs"

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-17] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-17] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 InCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401040 2014-07-31] (Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-07-31] (Mediatek Inc.)
R2 NeroRegInCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5264888 2018-12-26] (IBM Corp.)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-17] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-17] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-17] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [168984 2009-10-16] (Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [60952 2009-10-16] (Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [22040 2009-10-16] (Nero AG)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-01-05] (ITE )
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MediaTek Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [501256 2018-12-26] (IBM Corp.)
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-11] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [725192 2018-12-26] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [461768 2018-12-26] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [604752 2018-09-06] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [758168 2018-12-26] (IBM Corp.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [167936 2013-10-22] (ATEN)
S3 SoundcraftUSBAudio; C:\Windows\System32\DRIVERS\SoundcraftUSBAudio_x64.sys [269312 2015-09-03] ()
S3 SoundcraftUSBAudioks; C:\Windows\System32\DRIVERS\SoundcraftUSBAudioks_x64.sys [50688 2015-09-03] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation)
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 SmbDrv; system32\DRIVERS\Smb_driver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 11:35 - 2019-02-06 11:35 - 02433024 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
2019-02-06 11:09 - 2019-02-06 11:09 - 07316688 _____ (Malwarebytes) C:\Users\m\Downloads\adwcleaner_7.2.7.0.exe
2019-02-06 10:52 - 2019-02-06 10:52 - 01222144 _____ C:\Users\m\Downloads\RSITx64(1).exe
2019-02-06 10:30 - 2019-02-06 10:31 - 00491363 _____ C:\Users\m\Downloads\fwpoptvka.zip
2019-02-06 10:16 - 2019-02-06 10:16 - 00322056 _____ (Mozilla) C:\Users\m\Downloads\Firefox Installer.exe
2019-02-06 10:14 - 2019-02-06 10:15 - 00712678 _____ C:\Users\m\Desktop\Záložky 2019.html
2019-02-05 18:04 - 2019-02-05 18:04 - 08595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG)(1).xls
2019-02-05 18:02 - 2019-02-05 18:02 - 00252681 _____ C:\Users\m\Downloads\prilohy_54516.zip
2019-02-05 12:38 - 2019-02-05 12:39 - 00000000 ____D C:\Users\m\Desktop\chris rea
2019-02-05 12:33 - 2019-02-05 12:34 - 164698825 _____ C:\Users\m\Downloads\Chris Rea_mp3.rar
2019-02-04 18:39 - 2019-02-04 18:53 - 616799430 _____ C:\Users\m\Downloads\Amatérské rádio PE 2018.rar
2019-02-04 18:39 - 2019-02-04 18:50 - 421465641 _____ C:\Users\m\Downloads\Amatérské rádio 2017.rar
2019-02-02 17:06 - 2019-02-02 17:43 - 2070805738 _____ C:\Users\m\Desktop\Bohemian Rhapsody CZ TITULKY 2018 NOVINKA Queen Freddie Mercury Rami Malek Lucy Boynton Rapsody Rapsodi české titulky RODINNÝ RODINNÁ DRAMA DRÁMA HUDEBNÍ HUDOBNÝ ŽIVOTOPISNÍ ŽIVOTOPISNÝ.avi
2019-02-02 15:15 - 2019-02-02 15:28 - 992362682 _____ C:\Users\m\Desktop\Po cem muzi touzi 2018 CZ.avi
2019-01-29 11:04 - 2019-01-29 11:04 - 03868748 _____ C:\Users\m\Downloads\SiCompact_v3_3_Build6(2).zip
2019-01-29 10:27 - 2019-01-29 10:33 - 176181196 _____ C:\Users\m\Downloads\uiupdate-k-3.0.7865-ui24v2.zip
2019-01-29 08:49 - 2019-01-29 08:49 - 00163315 _____ C:\Users\m\Downloads\zprava_643661555_prijata.zfo
2019-01-28 09:33 - 2019-01-28 09:33 - 00001111 _____ C:\Users\m\Desktop\Hrdina silnicní 2018.xml
2019-01-28 09:08 - 2019-01-28 09:08 - 00001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-28 09:08 - 2019-01-28 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-28 09:08 - 2019-01-28 09:08 - 00000000 ____D C:\Program Files\iPod
2019-01-28 09:07 - 2019-01-28 09:08 - 00000000 ____D C:\Program Files\iTunes
2019-01-28 08:59 - 2019-01-28 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-25 09:01 - 2019-01-25 09:01 - 00000523 _____ C:\Users\m\Desktop\kara.JPEG.lnk
2019-01-25 09:00 - 2019-01-25 09:02 - 00093301 _____ C:\Users\m\Desktop\kara.JPEG
2019-01-24 09:29 - 2019-01-24 09:29 - 00006209 _____ C:\Users\m\Desktop\J. Hrdina KH 4.Q 18.xml
2019-01-21 23:40 - 2019-01-22 09:21 - 00642705 _____ C:\Users\m\Downloads\Součet Fidlovačka Listopad + Prosinec 2.pages
2019-01-21 10:55 - 2019-01-21 10:55 - 00223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 10:34 - 2019-01-21 10:38 - 269393736 _____ (Apple Inc.) C:\Users\m\Downloads\iTunes64Setup(3).exe
2019-01-17 13:49 - 2019-01-17 13:49 - 03998157 _____ C:\Users\m\Downloads\prilohy_171933.zip
2019-01-17 11:16 - 2019-01-17 11:16 - 00278016 _____ C:\Users\m\Desktop\PI-hrdinaj 0726-czech republiky-HQLITE.xls
2019-01-17 09:25 - 2019-01-17 09:23 - 00361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-17 09:25 - 2019-01-17 09:23 - 00320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 00196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 00058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 00037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-12 16:37 - 2019-01-12 16:37 - 08595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG).xls
2019-01-10 05:00 - 2019-01-10 05:00 - 00000000 ___HD C:\$AV_ASW
2019-01-09 10:28 - 2019-01-09 10:28 - 00001820 _____ C:\Users\Public\Desktop\SFM 4 B2 Mouse Driver.lnk
2019-01-09 10:28 - 2019-01-09 10:28 - 00000000 ____D C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse
2019-01-09 10:28 - 2019-01-09 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFM 4 B2 Mouse
2019-01-09 08:50 - 2019-01-09 08:50 - 00368128 _____ C:\Users\m\Downloads\faktura Weinas 12-2018(1).xls
2019-01-08 23:43 - 2019-01-08 23:43 - 00027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(3).xls
2019-01-08 23:31 - 2019-01-08 23:31 - 00027136 _____ C:\Users\m\Downloads\faktura gisen 12.18.xls
2019-01-08 22:42 - 2019-01-08 22:42 - 00027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(2).xls
2019-01-08 22:37 - 2019-01-08 22:37 - 00078741 _____ C:\Users\m\Downloads\544(1).tiff
2019-01-08 21:10 - 2019-01-08 21:10 - 00646960 _____ C:\Users\m\Downloads\prilohy_166409.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 12:27 - 2015-09-14 12:41 - 00000000 ____D C:\FRST
2019-02-06 12:21 - 2015-03-26 09:00 - 00000000 ____D C:\Users\m\Documents\bordel plocha
2019-02-06 11:38 - 2016-10-02 08:57 - 00056908 _____ C:\Users\m\Downloads\FRST.txt
2019-02-06 11:38 - 2015-09-14 12:42 - 00068343 _____ C:\Users\m\Downloads\Addition.txt
2019-02-06 11:29 - 2015-12-15 18:37 - 00000000 ____D C:\Program Files\trend micro
2019-02-06 11:25 - 2011-04-12 09:34 - 00668792 _____ C:\Windows\system32\perfh005.dat
2019-02-06 11:25 - 2011-04-12 09:34 - 00141420 _____ C:\Windows\system32\perfc005.dat
2019-02-06 11:25 - 2009-07-14 06:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 11:25 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-06 11:25 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-06 11:20 - 2014-11-03 22:11 - 02068798 _____ C:\Windows\WindowsUpdate.log
2019-02-06 11:19 - 2018-11-25 20:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-06 11:19 - 2017-01-31 22:23 - 00000000 ____D C:\Users\m\AppData\Local\Free Download Manager
2019-02-06 11:18 - 2017-11-12 18:47 - 00000000 ___RD C:\Users\m\iCloudDrive
2019-02-06 11:17 - 2018-10-11 07:52 - 00003334 _____ C:\Windows\setupact.log
2019-02-06 11:17 - 2017-06-27 13:42 - 00000368 _____ C:\Windows\Tasks\WinThruster64-m-Notification.job
2019-02-06 11:17 - 2017-05-06 09:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 11:17 - 2017-01-29 12:25 - 01103650 _____ C:\Windows\PFRO.log
2019-02-06 11:17 - 2014-11-07 20:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 11:17 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-06 11:12 - 2015-12-15 20:40 - 00000000 ____D C:\AdwCleaner
2019-02-06 11:12 - 2014-11-13 18:57 - 00000000 ____D C:\Users\m\AppData\Roaming\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 00000000 ____D C:\ProgramData\IObit
2019-02-06 10:21 - 2014-11-07 20:43 - 00000000 ____D C:\ProgramData\Mozilla
2019-02-06 10:20 - 2015-05-13 19:01 - 00000000 ____D C:\Users\m\AppData\Local\CrashDumps
2019-02-06 10:19 - 2014-11-07 20:43 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-06 10:19 - 2014-11-07 20:43 - 00001147 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-02-06 10:03 - 2017-05-15 19:53 - 06980216 _____ (ESET spol. s r.o.) C:\Users\m\Downloads\esetonlinescanner_csy.exe
2019-02-05 17:57 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2019-02-05 13:46 - 2014-11-07 21:06 - 00000000 ____D C:\Program Files\CCleaner
2019-02-05 08:31 - 2017-03-03 08:11 - 00004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-04 18:44 - 2017-08-30 12:45 - 00000000 ____D C:\Windows\AutoKMS
2019-02-04 18:43 - 2016-07-07 18:52 - 00151552 _____ C:\Windows\KMSEmulator.exe
2019-02-04 12:44 - 2018-03-17 10:47 - 00004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-04 12:44 - 2018-03-07 10:17 - 00004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-04 12:44 - 2017-06-27 13:42 - 00003416 _____ C:\Windows\System32\Tasks\WinThruster64-m-Notification
2019-02-04 12:44 - 2017-05-15 13:58 - 00003380 _____ C:\Windows\System32\Tasks\WinZip Update Notifier
2019-02-04 12:44 - 2015-12-15 11:34 - 00004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-04 12:44 - 2015-12-15 11:33 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415390993
2019-02-04 12:44 - 2015-12-03 18:40 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-04 12:44 - 2015-06-24 10:31 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-04 12:44 - 2015-05-28 12:27 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-04 12:44 - 2015-05-17 17:52 - 00003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-04 12:44 - 2015-05-17 17:52 - 00003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-04 12:44 - 2015-05-10 22:25 - 00003282 _____ C:\Windows\System32\Tasks\SoftwareInformerService
2019-02-04 12:44 - 2014-11-07 21:06 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-04 12:44 - 2014-11-05 07:39 - 00003520 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2019-02-04 10:33 - 2018-08-31 08:28 - 00001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-04 10:33 - 2018-08-31 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-02-02 15:37 - 2015-11-25 16:08 - 00262123 _____ C:\Users\m\AppData\Roaming\Error.log
2019-01-30 09:33 - 2016-02-09 18:55 - 00000000 ____D C:\Users\m\scany
2019-01-21 11:03 - 2017-11-12 18:47 - 00000000 ____D C:\Users\m\AppData\Local\C55D15D0-4E46-4797-82FF-7B3F63036861.aplzod
2019-01-21 11:02 - 2014-11-11 11:45 - 00000000 ____D C:\Users\m\AppData\Local\Apple Computer
2019-01-21 10:55 - 2016-10-02 18:09 - 00166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-17 09:24 - 2017-11-21 08:38 - 00203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-17 09:24 - 2017-10-17 11:13 - 00239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 00474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 00380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 00218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 00111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 00088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 00046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-17 09:23 - 2018-10-23 08:08 - 00042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-17 09:23 - 2016-10-02 18:09 - 01034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 15:06 - 2018-04-23 20:56 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-15 11:36 - 2018-09-24 09:02 - 00000493 _____ C:\Windows\system32\debug.log
2019-01-15 09:37 - 2018-04-23 20:54 - 00000000 ____D C:\Users\m\AppData\Local\AVAST Software
2019-01-13 20:00 - 2015-01-04 19:47 - 00000000 ____D C:\ProgramData\CanonIJPLM
2019-01-11 09:42 - 2014-11-07 21:09 - 00000000 ____D C:\Program Files (x86)\Opera
2019-01-11 09:19 - 2017-10-04 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-01-10 05:00 - 2018-12-23 19:37 - 00000000 ____D C:\Program Files (x86)\iTV
2019-01-09 12:30 - 2014-11-07 20:49 - 00842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 12:30 - 2014-11-07 20:49 - 00175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 12:30 - 2014-11-07 20:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 12:30 - 2014-11-07 20:49 - 00000000 ____D C:\Windows\system32\Macromed
2019-01-08 23:29 - 2018-12-05 13:31 - 00027136 _____ C:\Users\m\Downloads\PROFORMA INVOICE to Mirek CZ-M-12052018.xls
2019-01-08 21:20 - 2018-07-02 13:15 - 00001312 _____ C:\Users\m\Desktop\Gisen 07.2018.xls.lnk

==================== Files in the root of some directories =======

2015-10-21 19:28 - 2015-08-27 15:48 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-11-25 16:08 - 2019-02-02 15:37 - 0262123 _____ () C:\Users\m\AppData\Roaming\Error.log
2016-02-07 19:34 - 2016-02-07 19:34 - 0000017 _____ () C:\Users\m\AppData\Local\resmon.resmoncfg
2016-01-05 08:13 - 2016-03-08 22:15 - 0002548 _____ () C:\ProgramData\LmeUSB.log
2016-01-05 08:13 - 2016-03-08 22:15 - 0002550 _____ () C:\ProgramData\LSDmbTH.log

Some files in TEMP:
====================
C:\Users\m\AppData\Local\Temp\cmunst_.exe
C:\Users\m\AppData\Local\Temp\jre-8u191-windows-au.exe
C:\Users\m\AppData\Local\Temp\jre-8u201-windows-au.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2019-02-03 17:28

==================== End of FRST.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#12 Příspěvek od Diallix »

:arrow: Odinstaluje SpyBot

:arrow: Otestujt na virustotal.com tento subor a vysldok skopirujte sem:
C:\Windows\System32\DRIVERS\ser2at64.sys


:arrow: Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:

C:\Program Files\Bonjour

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124360 2017-04-19] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-11-16] (Samsung)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG)
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonser ... _CZ_ff_nt_
FF Plugin-x32: @google.com/lowebplugin -> C:\Windows\system32\nplowebplugin.dll [No File]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-10-04]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\firefoxdav@icloud.com.xpi [2017-11-12]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\sp@avast.com.xpi [2017-05-10]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\wrc@avast.com.xpi [2017-05-10]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-13]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-27]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 SmbDrv; system32\DRIVERS\Smb_driver.sys [X]
2019-02-04 12:44 - 2015-05-17 17:52 - 00003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-04 12:44 - 2015-05-17 17:52 - 00003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {287CB1BA-7C34-4DFC-B6A8-99BD24065573} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {55332257-EA06-49C3-82A5-BA19DEEF45DE} - System32\Tasks\WinThruster64-m-Notification => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION
Task: {69855024-184A-4E92-8E54-EEB6097BA5EA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {A413B4F4-B7DA-4B15-91E6-A2A1DCEDACC3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: C:\Windows\Tasks\WinThruster64-m-Notification.job => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION
MSCONFIG\startupreg: SpyEmergency => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
FirewallRules: [{B9718987-A706-4E5E-B197-F06A46C9ADCE}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{E0EF0E0B-773B-427F-8F5D-015BF05B1741}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{5A9DAF23-1BDA-4D22-B042-5B73C51033FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{70726B43-9489-46B2-BBE6-BBFE111FE70B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4BC76D47-DA8A-40B2-B030-0149EF164B58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{861CA53B-C3DA-44F0-827A-D5E7ACB5CAFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

EmptyTemp:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#13 Příspěvek od hrdinaj »

Fix result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by m (06-02-2019 14:07:02) Run:2
Running from C:\Users\m\Desktop
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files\Bonjour

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124360 2017-04-19] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-11-16] (Samsung)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG)
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonser ... _CZ_ff_nt_
FF Plugin-x32: @google.com/lowebplugin -> C:\Windows\system32\nplowebplugin.dll [No File]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-10-04]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\firefoxdav@icloud.com.xpi [2017-11-12]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\sp@avast.com.xpi [2017-05-10]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\wrc@avast.com.xpi [2017-05-10]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-13]
FF Extension: No Name - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-27]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 SmbDrv; system32\DRIVERS\Smb_driver.sys [X]
2019-02-04 12:44 - 2015-05-17 17:52 - 00003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-04 12:44 - 2015-05-17 17:52 - 00003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {287CB1BA-7C34-4DFC-B6A8-99BD24065573} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {55332257-EA06-49C3-82A5-BA19DEEF45DE} - System32\Tasks\WinThruster64-m-Notification => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION
Task: {69855024-184A-4E92-8E54-EEB6097BA5EA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {A413B4F4-B7DA-4B15-91E6-A2A1DCEDACC3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: C:\Windows\Tasks\WinThruster64-m-Notification.job => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== ATTENTION
MSCONFIG\startupreg: SpyEmergency => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
FirewallRules: [{B9718987-A706-4E5E-B197-F06A46C9ADCE}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{E0EF0E0B-773B-427F-8F5D-015BF05B1741}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{5A9DAF23-1BDA-4D22-B042-5B73C51033FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{70726B43-9489-46B2-BBE6-BBFE111FE70B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4BC76D47-DA8A-40B2-B030-0149EF164B58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{861CA53B-C3DA-44F0-827A-D5E7ACB5CAFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Program Files\Bonjour" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\WinZip PreLoader" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR.exe" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\NBHShellExt => not found
HKLM\Software\Classes\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60} => not found
"C:\Program Files\MediaTek\SP Driver\SPDriverInstall" => not found
HKLM\SOFTWARE\Policies\Google => not found
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-437069544-115546471-2938306295-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
FF NewTab: hxxps://www.amazon.com/gp/bit/amazonser ... _CZ_ff_nt_ => "C:\Users\m\AppData\Roaming\FF NewTab: hxxps://www.amazon.com/gp/bit/amazonser ... _CZ_ff_nt_\prefs.js" not found
HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/lowebplugin => not found
Could not move "C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi" => Scheduled to move on reboot.
"C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\firefoxdav@icloud.com.xpi" => not found
"C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\sp@avast.com.xpi" => not found
C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\wrc@avast.com.xpi => moved successfully
C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi => moved successfully
HKLM\System\CurrentControlSet\Services\Ser2pl => removed successfully
Ser2pl => service removed successfully
HKLM\System\CurrentControlSet\Services\SmbDrv => removed successfully
SmbDrv => service removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{287CB1BA-7C34-4DFC-B6A8-99BD24065573}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{287CB1BA-7C34-4DFC-B6A8-99BD24065573}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55332257-EA06-49C3-82A5-BA19DEEF45DE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55332257-EA06-49C3-82A5-BA19DEEF45DE}" => removed successfully
C:\Windows\System32\Tasks\WinThruster64-m-Notification => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinThruster64-m-Notification" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69855024-184A-4E92-8E54-EEB6097BA5EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69855024-184A-4E92-8E54-EEB6097BA5EA}" => removed successfully
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A413B4F4-B7DA-4B15-91E6-A2A1DCEDACC3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A413B4F4-B7DA-4B15-91E6-A2A1DCEDACC3}" => removed successfully
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates" => removed successfully
C:\Windows\Tasks\WinThruster64-m-Notification.job => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpyEmergency => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotPostWindows10UpgradeReInstall => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9718987-A706-4E5E-B197-F06A46C9ADCE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0EF0E0B-773B-427F-8F5D-015BF05B1741}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A9DAF23-1BDA-4D22-B042-5B73C51033FC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70726B43-9489-46B2-BBE6-BBFE111FE70B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BC76D47-DA8A-40B2-B030-0149EF164B58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{861CA53B-C3DA-44F0-827A-D5E7ACB5CAFA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22247896 B
Java, Flash, Steam htmlcache => 1271 B
Windows/system/drivers => 3618789 B
Edge => 0 B
Chrome => 35338698 B
Firefox => 1092595132 B
Opera => 20768301 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 6820 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 7676274 B
LocalService => 0 B
NetworkService => 0 B
m => 940579425 B
UpdatusUser => 0 B

RecycleBin => 138817283 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-02-2019 14:18:57)

C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi => Could not move

==== End of Fixlog 14:18:57 ====

hrdinaj
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 14 zář 2010 19:44

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#14 Příspěvek od hrdinaj »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by m (06-02-2019 14:25:37)
Running from C:\Users\m\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVD43 v4.6.0 (HKLM-x32\...\DVD43_is1) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HOLMImpulse (HKLM\...\{97D1B7D2-4428-4B1A-B676-1C4AC877EC5B}) (Version: 01.04.0200 - HOLM Acoustics)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IPCameraSearchTool version 1.0.0.2 (HKLM-x32\...\{4EABBC6B-B00B-41E1-AA7E-88925CDA6BDE}_is1) (Version: 1.0.0.2 - NEO)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
iTV - televizní program 1.7.756 (HKLM-x32\...\iTV - televizní program_is1) (Version: - Milan Vyšata)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KiCad 4.0.5 (HKLM-x32\...\KiCad) (Version: 4.0.5 - KiCad)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM\...\{AAFA253A-08A9-46A8-AB30-B4C26E578424}) (Version: 2.6 - Lexicon) Hidden
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MP3 Speed Changer 3.01 (HKLM-x32\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.30 - NVIDIA Corporation) Hidden
P2P BLOW PC (HKLM-x32\...\{40EF2025-5FDE-4033-AE73-942CBBC2BAFE}) (Version: 3.0.2.6 - hi)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
Room EQ Wizard 5.16 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.16 - John Mulcahy)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SFM 4 B2 Mouse Driver (HKLM-x32\...\{865865F2-6748-4710-99DC-5248204D8FD4}_is1) (Version: 1.0 - )
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.082 - Aten International Co., Ltd.)
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version: - )
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.40 - NCH Software)
web control version 3.0.4.0 (HKLM-x32\...\{3D8D219C-0362-457F-B847-2FC07C2BE520}_is1) (Version: 3.0.4.0 - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.5371 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version: - )
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2: [InCDShellExt] -> {09bffb91-ecda-4149-bcfd-d87a345c219e} => C:\Program Files\Nero\Tools\InCD\InCDshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers2-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C51C327-9E18-481E-8194-45FC00B1F650} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C996BD2-9C49-4A0F-B792-4E50A1F8D30A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {15819AD5-E153-4F8D-AB3F-D043A95E8890} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {543F12F2-DCA1-49D8-89A3-D49494B804DF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {5BC44BC8-277D-4534-A828-EC6BA64EE5B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {92C2D418-D10A-4430-B362-208E4FEC92E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A8C24962-0FF0-45FD-8362-252A11C00111} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B00FE2D2-28D4-4E0C-B79F-386DE6BC8099} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => c:\program files (x86)\opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C057EADB-886A-4CF5-978A-CC5D496CED3D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {CC4A4CC9-B09D-4644-9389-E6F4DC92729E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {E36B06F1-CC42-4603-99EB-2613FA943AF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2019-01-15] (Apple Inc. -> Apple Inc.)
Task: {F1752DA7-A09C-40AC-AE21-55E19174BA32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2014-11-04 21:23 - 2013-02-20 20:24 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-06 08:53 - 2019-02-06 08:53 - 006953616 _____ () C:\Program Files\AVAST Software\Avast\defs\19020506\algo64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2015-11-25 13:20 - 2011-04-11 06:26 - 000034304 _____ () C:\Windows\System32\spd__l.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-04-11 03:17 - 2017-04-11 03:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-01-04 19:54 - 2013-05-14 10:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-02-28 09:07 - 2012-02-28 09:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 002160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 012621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 002111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 065771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 002129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 000087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2014-10-23 20:19 - 2018-09-10 15:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-09 10:28 - 2018-05-14 17:58 - 000614400 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2016-10-31 21:23 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-31 21:23 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-31 21:23 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-17 17:36 - 2014-08-06 03:37 - 001203856 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2019-01-09 10:28 - 2018-06-15 09:11 - 000057344 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\lan.dll
2019-01-09 10:28 - 2018-05-05 17:26 - 000040960 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\KBHook.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-06 10:52 - 000000053 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\VDownloader
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [TCP Query User{4CB14BCD-F281-40DB-8244-27252D716E16}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [UDP Query User{BFEB0B56-1E32-4ABA-AFD9-C4F9DE4DAAC5}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{9763EE5A-4224-4C22-8580-019A896BD084}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{482391F7-5765-4453-A227-E962EAA3775E}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{E9CB7E75-A617-4692-A21A-EEB3D262C24E}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{979B30FB-1233-4A70-B73E-4D06E4267750}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{FF7F1723-77C8-4EAD-8F57-D5AC57A5B862}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{C90EE39F-A3A7-45A2-8BCB-AE5DDCE6EC43}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{DB8965D5-20DE-4C07-8B5E-CBDAAC621692}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.)
FirewallRules: [TCP Query User{C462EB39-23FE-453F-93E4-EE1F68AFF93B}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{9C96CCC4-DA6F-4B64-A52E-C237FF178C63}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{8758BCD8-75E3-4363-A89A-497F572C0A70}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{B1C0C7DC-5BB5-4966-9116-01E16198D1A0}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [{5C51827B-E6BE-46A9-9178-81B3F4C585CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0DBC307-3A18-4667-930E-962FE47E6B43}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CFD45019-6B43-416F-A72B-53BD0257AE48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C3F7E535-E896-4554-AD9A-32B4D49D5BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA08D84A-C7AE-4A3D-85A6-6E9A2555341D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F738F4B4-DD69-4F32-9FE6-83A00DC14AF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F2FDE267-D526-4B44-AAFD-9C4BC8DE7BD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{365C2984-9886-4DCE-84E8-DD0C25052502}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{4B0C1C79-A5E7-4C91-83DA-F90EF6B5DFF6}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F037DB64-4874-4CD8-BCD9-DE01D6532CF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{AF1C28C7-07F0-4635-A10A-F591363C6605}] => (Allow) c:\program files (x86)\opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C732C861-AA83-4321-87F3-376FBE461D61}] => (Allow) c:\program files (x86)\opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AB646575-766D-43DB-8D9F-6E84602A80F3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67B189C0-45C8-46F8-8C08-E17BA5471F2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A6746D53-8E30-4A4B-9708-94961D52283F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{B7F5A355-6827-4160-8C60-FAC4C100C774}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E09FC95-4BBB-40CD-8CD0-DF2640BBB68E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{821B8B2D-DF90-49BB-BA29-F741FE5CA62A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

26-12-2018 10:22:03 Naplánovaný kontrolní bod
04-01-2019 20:55:27 Naplánovaný kontrolní bod
11-01-2019 09:16:28 Installed Rapport
21-01-2019 09:34:10 Naplánovaný kontrolní bod
28-01-2019 10:59:27 Naplánovaný kontrolní bod
05-02-2019 09:24:41 Naplánovaný kontrolní bod
06-02-2019 13:30:12 Restore Point Created by FRST
06-02-2019 14:07:05 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2019 02:18:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/06/2019 02:07:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {2cc58155-6a4a-4827-87ca-1a7f6e2d07e8}

Error: (02/06/2019 02:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/06/2019 01:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 01:37:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/06/2019 01:30:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {f1c74c4f-d971-4ef5-ac0c-bfec1e9fdae7}

Error: (02/06/2019 12:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (02/06/2019 11:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (02/06/2019 02:20:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105

Error: (02/06/2019 02:19:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/06/2019 02:11:43 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Nelze spustit server DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Došlo k chybě:
%%5 = Přístup byl odepřen.
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/06/2019 02:07:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba InCD Helper byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2015-11-27 02:55:34.420
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1036,ProcessStart:130930626677479684;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-11-25 16:19:33.708
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1800,ProcessStart:130929380506725339;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-11-24 09:34:35.982
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;process:pid:1988,ProcessStart:130918761752753436
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2015-08-21 08:10:44.237
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll;file:C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll;file:C:\Program Files (x86)\MiuiTab\BrowserAction.dll;file:C:\Program Files (x86)\MiuiTab\conf;file:C:\Program Files (x86)\MiuiTab\defsearchp@gmail.com!1.0.0.1039.xpi;file:C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi;file:C:\Program Files (x86)\MiuiTab\IeWatchDog.dll;file:C:\Program Files (x86)\MiuiTab\install.data;file:C:\Program Files (x86)\MiuiTab\msvcp110.dll;file:C:\Program Files (x86)\MiuiTab\msvcr110.dll;file:C:\Program Files (x86)\MiuiTab\searchProvider.xml;file:C:\Program Files (x86)\MiuiTab\skin\about.png;file:C:\Program Files (x86)\MiuiTab\skin\about_bk.png;file:C:\Program Files (x86)\MiuiTab\skin\btn.png;file:C:\Program Files (x86)\MiuiTab\skin\btn_apply.png;file:C:\Program Files (x86)\MiuiTab\skin\close.png;file:C:\Program Files (x86)\MiuiTab\skin\conf.xml;file:C:\Program Files (x86)\MiuiTab\skin\conf_back.png;file:C:\Program Files (x86)\MiuiTab\skin\input_bk.png;file:C:\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2015-08-21 08:04:21.468
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\nWinManPron\ProtectWindowsManager.exe;process:pid:1436,ProcessStart:130845279859304763
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2015-04-22 12:57:49.182
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-12-27 18:27:08.665
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 18:27:08.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 18:26:22.818
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.506
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.312
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 8010.36 MB
Available physical RAM: 3776.64 MB
Total Virtual: 16018.88 MB
Available Virtual: 11503.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:261.44 GB) NTFS

\\?\Volume{de627543-639c-11e4-b131-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout

#15 Příspěvek od Diallix »

:arrow: Odinstaluje SpyBot

:arrow: Otestujte na virustotal.com tento subor a vysledok skopirujte sem:
C:\Windows\System32\DRIVERS\ser2at64.sys
:arrow: Poprosim o novy log FRST
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět