Právě je 25 kvě 2019 21:19

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 13 ] 
Autor Zpráva
 Předmět příspěvku: prosim o kontrolu .Pc pomaly reaguje
PříspěvekNapsal: 14 úno 2019 12:58 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.02.2019
Ran by ronin (administrator) on DESKTOP-MP916VR (14-02-2019 12:06:42)
Running from C:\Users\ronin\Downloads
Loaded Profiles: ronin & postgres (Available Profiles: ronin & postgres)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe
(Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe
(Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe
(Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{1C98BEA3-1B51-4D6D-9DE1-338A9F7C57B8}\72.0.3626.109_chrome_installer.exe
(Google Inc.) C:\Windows\Temp\CR_1C4A5.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_1C4A5.tmp\setup.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-19] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [338000 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming PCL -> Wargaming.net)
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3769689683-3705519010-605967400-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.)
HKLM\...\Drivers32-x32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation)
HKLM\...\Drivers32-x32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company)
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler)
HKLM\...\Drivers32-x32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2007-09-27] (MainConcept)
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2007-09-27] ()
HKLM\...\Drivers32-x32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2007-09-27] (DivXNetworks, Inc.)
HKLM\...\Drivers32-x32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-22] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-26] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\ronin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-12-31]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\ronin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2018-12-28]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS-SVO\VCDS.exe (Ross-Tech, LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{57ac1fcd-8909-493e-add0-d751fc7ea72b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{71e207b0-2f2f-4cc7-ac27-0f2bd1b0a751}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99f179d7-d196-49da-9bfd-3d5e081c65b1}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{dc5a43a9-698a-4b5b-a3a5-177d6f6e72dc}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3769689683-3705519010-605967400-1001 -> {1E9A8010-5408-41D0-9A24-35C6E31B7C81} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.babylon.com/?AF=100888&ba ... 17fe1c812b
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR Profile: C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default [2019-02-14]
CHR Extension: (Prezentácie) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-03]
CHR Extension: (YouTube) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-03]
CHR Extension: (Tabuľky) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-13]
CHR Extension: (Gmail) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-13] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22488 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-05-26] (Freemake) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [684624 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2017-01-27] (Intel(R) pGFX -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-19] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82912 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 postgresql-x64-9.5; "C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe" runservice -N "postgresql-x64-9.5" -D "C:\Program Files\PostgreSQL\9.5\data" -w

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208192 2016-01-20] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7480496 2013-09-13] (Broadcom Corporation -> Broadcom Corporation)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [224560 2016-01-20] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\WINDOWS\system32\DRIVERS\btwavdt.sys [244952 2017-04-10] (Broadcom Corporation -> Broadcom Corporation.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2018-04-07] (Martin Malik - REALiX -> REALiX(tm))
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2018-02-08] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2018-07-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782816 2017-05-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51288 2017-08-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2014-01-19] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 12:06 - 2019-02-14 12:16 - 000023959 _____ C:\Users\ronin\Downloads\FRST.txt
2019-02-14 12:06 - 2019-02-14 12:06 - 000000000 ____D C:\FRST
2019-02-14 11:36 - 2019-02-14 12:04 - 002433536 _____ (Farbar) C:\Users\ronin\Downloads\FRST64.exe
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 94365.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 919437.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 777362.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 733025.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 353422.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 18811.crdownload
2019-02-14 11:12 - 2019-02-14 11:12 - 000002028 _____ C:\Users\ronin\Documents\cc_20190214_111240.reg
2019-02-14 11:02 - 2019-02-14 11:04 - 019341880 _____ (Piriform Software Ltd) C:\Users\ronin\Downloads\ccsetup552.exe
2019-02-13 16:37 - 2019-02-13 16:39 - 149536768 _____ C:\Users\ronin\Downloads\Nepotvrdené 173405.crdownload
2019-02-13 16:36 - 2019-02-13 16:38 - 209084280 _____ C:\Users\ronin\Downloads\PowerDVD_18.0.1619.62_Trial_DVD180301-13.exe
2019-02-13 16:32 - 2019-02-13 16:33 - 012184200 _____ C:\Users\ronin\Downloads\CyberLink_PowerDVD_Downloader.exe
2019-02-13 16:25 - 2019-02-13 16:25 - 000784884 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2019-02-13 16:07 - 2019-02-14 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2019-02-13 16:07 - 2019-02-14 11:16 - 000000000 ____D C:\Program Files (x86)\AVS4YOU
2019-02-13 16:07 - 2007-09-27 14:22 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2019-02-13 16:07 - 2004-09-06 16:06 - 000053248 _____ C:\WINDOWS\SysWOW64\xvid.ax
2019-02-13 16:07 - 2004-02-04 21:11 - 000081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm
2019-02-13 16:07 - 2003-05-22 12:26 - 000221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2019-02-13 16:07 - 2003-05-21 23:50 - 000156910 _____ C:\WINDOWS\WMSysPr8.prx
2019-02-13 16:07 - 2003-05-21 23:50 - 000082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2019-02-13 16:07 - 2003-05-21 23:50 - 000038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2019-02-13 16:07 - 2003-05-21 12:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2019-02-13 16:07 - 2003-03-25 05:49 - 000098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2019-02-13 16:07 - 2002-01-05 15:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2019-02-13 16:07 - 2002-01-05 14:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2019-02-13 16:07 - 2000-03-14 20:55 - 000013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2019-02-13 16:05 - 2019-02-13 16:06 - 026895592 _____ (Online Media Technologies Ltd. ) C:\Users\ronin\Downloads\AVSDVDPlayer.exe
2019-02-13 15:59 - 2019-02-13 15:59 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-13 15:55 - 2019-02-13 15:55 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-19 18:57 - 2019-01-19 18:57 - 000009388 _____ C:\Users\ronin\Documents\cc_20190119_185720.reg
2019-01-18 23:28 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-18 23:28 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-18 23:28 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-18 23:28 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-18 23:28 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-18 23:28 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-18 23:28 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-18 23:28 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-18 23:28 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-18 23:28 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-18 23:28 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-18 23:28 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-18 23:28 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-18 23:28 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-18 23:28 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-18 23:28 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-18 23:28 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-18 23:28 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-18 23:28 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-18 23:28 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-18 23:28 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-18 23:28 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-18 23:28 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-18 23:28 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-18 23:28 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-18 23:28 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-18 23:28 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-18 23:28 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-18 23:28 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-18 23:28 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-18 23:28 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-18 23:28 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-18 23:28 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-18 23:28 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-18 23:28 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-18 23:28 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-18 23:28 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-18 23:28 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-18 23:28 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-18 23:28 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-18 23:28 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-18 23:28 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-18 23:27 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-18 23:27 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-18 23:27 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-18 23:27 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-18 23:27 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-18 23:27 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-18 23:27 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-18 23:27 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-18 23:27 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-18 23:27 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-18 23:27 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-18 23:27 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-18 21:39 - 2019-02-13 15:54 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 12:35 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-14 12:04 - 2018-06-10 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-14 11:22 - 2017-08-30 22:00 - 000000000 ____D C:\Users\ronin\AppData\Local\ElevatedDiagnostics
2019-02-14 11:09 - 2018-10-04 21:23 - 000000000 ____D C:\Users\ronin\AppData\Local\CrashDumps
2019-02-14 11:06 - 2018-09-08 11:30 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-14 11:06 - 2018-04-07 09:54 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-14 11:06 - 2018-04-07 09:54 - 000000000 ____D C:\Program Files\CCleaner
2019-02-14 10:43 - 2017-08-19 20:17 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-02-14 10:40 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-14 10:27 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-14 10:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-13 16:28 - 2017-09-05 17:46 - 000000000 ____D C:\Users\ronin\AppData\Roaming\vlc
2019-02-13 16:26 - 2017-11-10 14:53 - 000000000 ____D C:\Users\ronin\AppData\Roaming\dvdcss
2019-02-13 16:25 - 2017-07-26 22:08 - 000670874 _____ C:\WINDOWS\system32\perfh01B.dat
2019-02-13 16:25 - 2017-07-26 22:08 - 000197104 _____ C:\WINDOWS\system32\perfc01B.dat
2019-02-13 16:19 - 2018-11-26 17:17 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-13 16:19 - 2018-06-10 17:48 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-13 16:19 - 2018-06-10 17:48 - 000003160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-13 16:19 - 2018-06-10 17:48 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-13 16:19 - 2018-06-10 17:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-13 16:18 - 2018-06-10 17:48 - 000002818 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-MP916VR-ronin
2019-02-13 16:13 - 2017-07-01 22:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-13 16:13 - 2017-07-01 22:35 - 000000000 __SHD C:\Users\ronin\IntelGraphicsProfiles
2019-02-13 16:11 - 2018-06-10 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-13 16:11 - 2018-06-10 17:23 - 000234136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-13 16:11 - 2017-07-01 22:53 - 000000000 ____D C:\ProgramData\Synaptics
2019-02-13 16:10 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-13 16:04 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-13 15:58 - 2018-06-10 17:48 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-13 15:55 - 2018-10-12 15:21 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-13 15:55 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-13 15:55 - 2017-07-24 21:44 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-13 15:54 - 2017-11-17 20:52 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-13 15:54 - 2017-07-24 21:44 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-10 14:42 - 2018-06-24 09:33 - 000000000 ____D C:\ProgramData\Packages
2019-02-09 15:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-03 12:53 - 2018-07-09 15:23 - 000000000 ____D C:\Users\ronin\Desktop\Enduro vyjazd
2019-01-26 20:03 - 2018-04-18 19:45 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-26 20:03 - 2018-04-18 19:45 - 000002475 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-01-19 19:08 - 2018-06-10 17:28 - 000000000 ____D C:\Users\ronin
2019-01-19 18:03 - 2018-06-10 17:38 - 001722536 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-19 00:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-19 00:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-18 21:46 - 2017-07-02 00:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-18 21:40 - 2017-07-02 00:41 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-18 21:27 - 2018-11-16 20:02 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories =======

2018-01-30 20:16 - 2019-01-13 21:07 - 000007680 _____ () C:\Users\ronin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-30 19:11 - 2018-09-30 19:11 - 000000000 _____ () C:\Users\ronin\AppData\Local\oobelibMkey.log
2017-08-06 21:24 - 2017-08-06 21:24 - 000000017 _____ () C:\Users\ronin\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-10 17:23

==================== End of FRST.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 14 úno 2019 13:42 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1616
Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
 
PříspěvekNapsal: 14 úno 2019 16:07 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-12.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-14-2019
# Duration: 00:00:11
# OS: Windows 10 Pro
# Cleaned: 27
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DriverToolkit
Deleted C:\Users\ronin\AppData\Local\DriverToolkit
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\ronin\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.job
Deleted C:\Windows\System32\Tasks\DRIVERTOOLKIT AUTORUN

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKCU\Software\DriverToolkit
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E84DFAE2-07C4-46B7-87F9-8EC53E7013DD}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVERTOOLKIT AUTORUN
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

Deleted fjbbjfdilbioabojmcplalojlmdngbjl
Deleted pelmeidfhdlhlbjimpabfcbnnojbboma
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

Deleted http://search.babylon.com/?AF=100888&ba ... 17fe1c812b
Deleted Search the web (Babylon)
Deleted http://search.babylon.com/?AF=100888&ba ... 17fe1c812b
Deleted Search the web (Babylon)
Deleted webssearches
Deleted webssearches
Deleted Web Search
Deleted webssearches
Deleted webssearches
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3048 octets] - [14/02/2019 15:59:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
 
PříspěvekNapsal: 14 úno 2019 16:33 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1616
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
 
PříspěvekNapsal: 14 úno 2019 19:12 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.02.2019
Ran by ronin (administrator) on DESKTOP-MP916VR (14-02-2019 18:48:40)
Running from C:\Users\ronin\Downloads
Loaded Profiles: ronin & postgres (Available Profiles: ronin & postgres)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-19] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [338000 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming PCL -> Wargaming.net)
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3769689683-3705519010-605967400-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.)
HKLM\...\Drivers32-x32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation)
HKLM\...\Drivers32-x32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company)
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler)
HKLM\...\Drivers32-x32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2007-09-27] (MainConcept)
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2007-09-27] ()
HKLM\...\Drivers32-x32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2007-09-27] (DivXNetworks, Inc.)
HKLM\...\Drivers32-x32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-22] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-26] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\ronin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-12-31]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\ronin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2018-12-28]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS-SVO\VCDS.exe (Ross-Tech, LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{57ac1fcd-8909-493e-add0-d751fc7ea72b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{71e207b0-2f2f-4cc7-ac27-0f2bd1b0a751}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99f179d7-d196-49da-9bfd-3d5e081c65b1}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{dc5a43a9-698a-4b5b-a3a5-177d6f6e72dc}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3769689683-3705519010-605967400-1001 -> {1E9A8010-5408-41D0-9A24-35C6E31B7C81} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR Profile: C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default [2019-02-14]
CHR Extension: (Prezentácie) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-03]
CHR Extension: (YouTube) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-03]
CHR Extension: (Tabuľky) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-13] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22488 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-05-26] (Freemake) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [684624 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2017-01-27] (Intel(R) pGFX -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-19] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82912 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 postgresql-x64-9.5; "C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe" runservice -N "postgresql-x64-9.5" -D "C:\Program Files\PostgreSQL\9.5\data" -w

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208192 2016-01-20] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7480496 2013-09-13] (Broadcom Corporation -> Broadcom Corporation)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [224560 2016-01-20] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\WINDOWS\system32\DRIVERS\btwavdt.sys [244952 2017-04-10] (Broadcom Corporation -> Broadcom Corporation.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2018-04-07] (Martin Malik - REALiX -> REALiX(tm))
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2018-02-08] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2018-07-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782816 2017-05-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51288 2017-08-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2014-01-19] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 15:56 - 2019-02-14 16:00 - 000000000 ____D C:\AdwCleaner
2019-02-14 15:54 - 2019-02-14 15:54 - 007316688 _____ (Malwarebytes) C:\Users\ronin\Downloads\adwcleaner_7.2.7.0.exe
2019-02-14 12:38 - 2019-02-14 12:52 - 000044155 _____ C:\Users\ronin\Downloads\Addition.txt
2019-02-14 12:06 - 2019-02-14 18:49 - 000022634 _____ C:\Users\ronin\Downloads\FRST.txt
2019-02-14 12:06 - 2019-02-14 18:48 - 000000000 ____D C:\FRST
2019-02-14 11:36 - 2019-02-14 12:04 - 002433536 _____ (Farbar) C:\Users\ronin\Downloads\FRST64.exe
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 94365.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 919437.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 777362.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 733025.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 353422.crdownload
2019-02-14 11:33 - 2019-02-14 11:33 - 000103398 _____ C:\Users\ronin\Downloads\Nepotvrdené 18811.crdownload
2019-02-14 11:12 - 2019-02-14 11:12 - 000002028 _____ C:\Users\ronin\Documents\cc_20190214_111240.reg
2019-02-14 11:02 - 2019-02-14 11:04 - 019341880 _____ (Piriform Software Ltd) C:\Users\ronin\Downloads\ccsetup552.exe
2019-02-13 16:37 - 2019-02-13 16:39 - 149536768 _____ C:\Users\ronin\Downloads\Nepotvrdené 173405.crdownload
2019-02-13 16:36 - 2019-02-13 16:38 - 209084280 _____ C:\Users\ronin\Downloads\PowerDVD_18.0.1619.62_Trial_DVD180301-13.exe
2019-02-13 16:32 - 2019-02-13 16:33 - 012184200 _____ C:\Users\ronin\Downloads\CyberLink_PowerDVD_Downloader.exe
2019-02-13 16:07 - 2019-02-14 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2019-02-13 16:07 - 2019-02-14 11:16 - 000000000 ____D C:\Program Files (x86)\AVS4YOU
2019-02-13 16:07 - 2007-09-27 14:22 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2019-02-13 16:07 - 2007-09-27 14:22 - 000139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2019-02-13 16:07 - 2004-09-06 16:06 - 000053248 _____ C:\WINDOWS\SysWOW64\xvid.ax
2019-02-13 16:07 - 2004-02-04 21:11 - 000081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm
2019-02-13 16:07 - 2003-05-22 12:26 - 000221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2019-02-13 16:07 - 2003-05-21 23:50 - 000156910 _____ C:\WINDOWS\WMSysPr8.prx
2019-02-13 16:07 - 2003-05-21 23:50 - 000082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2019-02-13 16:07 - 2003-05-21 23:50 - 000038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2019-02-13 16:07 - 2003-05-21 12:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2019-02-13 16:07 - 2003-03-25 05:49 - 000098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2019-02-13 16:07 - 2002-01-05 15:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2019-02-13 16:07 - 2002-01-05 14:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2019-02-13 16:07 - 2000-03-14 20:55 - 000013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2019-02-13 16:05 - 2019-02-13 16:06 - 026895592 _____ (Online Media Technologies Ltd. ) C:\Users\ronin\Downloads\AVSDVDPlayer.exe
2019-02-13 15:59 - 2019-02-13 15:59 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-13 15:55 - 2019-02-13 15:55 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-19 18:57 - 2019-01-19 18:57 - 000009388 _____ C:\Users\ronin\Documents\cc_20190119_185720.reg
2019-01-18 23:28 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-18 23:28 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-18 23:28 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-18 23:28 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-18 23:28 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-18 23:28 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-18 23:28 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-18 23:28 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-18 23:28 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-18 23:28 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-18 23:28 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-18 23:28 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-18 23:28 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-18 23:28 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-18 23:28 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-18 23:28 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-18 23:28 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-18 23:28 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-18 23:28 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-18 23:28 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-18 23:28 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-18 23:28 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-18 23:28 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-18 23:28 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-18 23:28 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-18 23:28 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-18 23:28 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-18 23:28 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-18 23:28 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-18 23:28 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-18 23:28 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-18 23:28 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-18 23:28 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-18 23:28 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-18 23:28 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-18 23:28 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-18 23:28 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-18 23:28 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-18 23:28 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-18 23:28 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-18 23:28 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-18 23:28 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-18 23:28 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-18 23:28 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-18 23:28 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-18 23:28 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-18 23:28 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-18 23:28 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-18 23:28 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-18 23:27 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-18 23:27 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-18 23:27 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-18 23:27 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-18 23:27 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-18 23:27 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-18 23:27 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-18 23:27 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-18 23:27 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-18 23:27 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-18 23:27 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-18 23:27 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-18 21:39 - 2019-02-13 15:54 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 18:40 - 2018-11-26 17:17 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-14 18:40 - 2018-09-08 11:30 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-14 18:40 - 2018-06-10 17:48 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-14 18:40 - 2018-06-10 17:48 - 000003160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-14 18:40 - 2018-06-10 17:48 - 000002818 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-MP916VR-ronin
2019-02-14 18:40 - 2018-06-10 17:48 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-14 18:40 - 2018-06-10 17:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-14 18:40 - 2018-06-10 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-14 18:40 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-14 18:40 - 2017-09-05 17:46 - 000000000 ____D C:\Users\ronin\AppData\Roaming\vlc
2019-02-14 16:52 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-14 16:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-14 16:25 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 16:25 - 2017-07-02 00:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 16:21 - 2017-07-02 00:41 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-14 16:08 - 2017-07-28 19:25 - 000000000 ____D C:\Users\ronin\AppData\Roaming\Notepad++
2019-02-14 16:07 - 2018-06-10 17:38 - 001722536 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-14 16:07 - 2017-07-26 22:08 - 000685656 _____ C:\WINDOWS\system32\perfh01B.dat
2019-02-14 16:07 - 2017-07-26 22:08 - 000201508 _____ C:\WINDOWS\system32\perfc01B.dat
2019-02-14 16:03 - 2017-07-01 22:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-14 16:03 - 2017-07-01 22:35 - 000000000 __SHD C:\Users\ronin\IntelGraphicsProfiles
2019-02-14 16:01 - 2018-06-10 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-14 16:01 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-14 16:01 - 2017-07-01 22:53 - 000000000 ____D C:\ProgramData\Synaptics
2019-02-14 15:49 - 2018-06-10 17:48 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-14 11:22 - 2017-08-30 22:00 - 000000000 ____D C:\Users\ronin\AppData\Local\ElevatedDiagnostics
2019-02-14 11:09 - 2018-10-04 21:23 - 000000000 ____D C:\Users\ronin\AppData\Local\CrashDumps
2019-02-14 11:06 - 2018-04-07 09:54 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-14 11:06 - 2018-04-07 09:54 - 000000000 ____D C:\Program Files\CCleaner
2019-02-14 10:43 - 2017-08-19 20:17 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-02-14 10:40 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-13 16:26 - 2017-11-10 14:53 - 000000000 ____D C:\Users\ronin\AppData\Roaming\dvdcss
2019-02-13 16:11 - 2018-06-10 17:23 - 000234136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-13 15:55 - 2018-10-12 15:21 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-13 15:55 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-13 15:55 - 2017-07-24 21:44 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-13 15:55 - 2017-07-24 21:44 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-13 15:54 - 2019-01-06 19:30 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-13 15:54 - 2017-11-17 20:52 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-13 15:54 - 2017-07-24 21:44 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-10 14:42 - 2018-06-24 09:33 - 000000000 ____D C:\ProgramData\Packages
2019-02-09 15:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-03 12:53 - 2018-07-09 15:23 - 000000000 ____D C:\Users\ronin\Desktop\Enduro vyjazd
2019-02-02 23:53 - 2018-09-17 21:07 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2018-09-17 21:07 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-26 20:03 - 2018-04-18 19:45 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-26 20:03 - 2018-04-18 19:45 - 000002475 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-01-19 19:08 - 2018-06-10 17:28 - 000000000 ____D C:\Users\ronin
2019-01-19 00:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-19 00:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-18 21:27 - 2018-11-16 20:02 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories =======

2018-01-30 20:16 - 2019-01-13 21:07 - 000007680 _____ () C:\Users\ronin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-30 19:11 - 2018-09-30 19:11 - 000000000 _____ () C:\Users\ronin\AppData\Local\oobelibMkey.log
2017-08-06 21:24 - 2017-08-06 21:24 - 000000017 _____ () C:\Users\ronin\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-10 17:23

==================== End of FRST.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 14 úno 2019 19:13 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019
Ran by ronin (14-02-2019 18:50:34)
Running from C:\Users\ronin\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-06-10 16:48:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3769689683-3705519010-605967400-500 - Administrator - Disabled)
ALINC (S-1-5-21-3769689683-3705519010-605967400-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-3769689683-3705519010-605967400-503 - Limited - Disabled)
Guest (S-1-5-21-3769689683-3705519010-605967400-501 - Limited - Disabled)
postgres (S-1-5-21-3769689683-3705519010-605967400-1005 - Limited - Enabled) => C:\Users\postgres
ronin (S-1-5-21-3769689683-3705519010-605967400-1001 - Administrator - Enabled) => C:\Users\ronin
WDAGUtilityAccount (S-1-5-21-3769689683-3705519010-605967400-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autori prehliadača Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.1 a 6.0_is1) (Version: 1.1 - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.8.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.7.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.6.30.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DaVinci Resolve (HKLM\...\{9438E188-F562-4409-8748-D76B94FF104D}) (Version: 15.2.2007 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
DxO Optics Pro 9 (HKLM\...\{CD5F5030-44C8-4432-9F61-209BA3F2F4BA}) (Version: 9.5.2 - DxO Labs)
EOS MOVIE Utility (HKLM-x32\...\EOS MOVIE Utility) (Version: 1.7.0.0 - Canon Inc.)
Fairlight Studio Utility (HKLM\...\{B398FA50-A725-4837-A2A8-6DB38FB6FC0F}) (Version: 1.1.0.0 - Blackmagic Design)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.6.913 - Digital Wave Ltd)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
FreeShutterCount V1.42 (HKLM-x32\...\FreeShutterCount_is1) (Version: 1.42.0.0 - FreeShutterCount)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company)
HWiNFO64 Version 5.74 (HKLM\...\HWiNFO64_is1) (Version: 5.74 - Martin Malík - REALiX)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT)
Inbox Storage (HKLM-x32\...\{8E262F9D-DDEA-4F30-85CD-FD5C28613894}_is1) (Version: 1.0.0.32 - Xacti, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
OpenShot Video Editor verze 2.4.3 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.3 - OpenShot Studios, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrácia používateľa produktu Canon MG2900 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG2900 series) (Version: - ‭Canon Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VCDS SVO 17.1 (HKLM-x32\...\VCDS SVO) (Version: SVO 17.1.3 - Ross-Tech, LLC)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Driver Package - Broadcom Corp. (btwavdt) BluetoothVirtual (10/26/2015 6.5.1.6800) (HKLM\...\627F5D105FD8AD9683147A6D517C7D0DD4C901F1) (Version: 10/26/2015 6.5.1.6800 - Broadcom Corp.)
Windows Driver Package - HP (WirelessButtonDriver64) HIDClass (06/20/2017 1.1.20.1) (HKLM\...\990960E62BD0700A1AAC3331807F138303F458C2) (Version: 06/20/2017 1.1.20.1 - HP)
Windows Driver Package - Intel (MEIx64) System (10/03/2017 11.7.0.1045) (HKLM\...\623E6BEBFE0E32D8AD88825BDC5B643D996BCA93) (Version: 10/03/2017 11.7.0.1045 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC (04/10/2017 14.8.16.1063) (HKLM\...\1956B72D229BA5E262A8828A81DB9133B5F111B2) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter (04/10/2017 14.8.16.1063) (HKLM\...\7B099E88B288543F1ED20B3C3332D4B1B2E6A621) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech)
Windows Driver Package - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Tanks (HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3769689683-3705519010-605967400-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {39875316-1F4B-41B6-9595-ED5687FC0387} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {5FD009BA-5AAC-46D0-BFC7-75795DDFB644} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {64FCDC19-DCEC-43C2-93B4-568210A6FA00} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {81FC2EF1-8BE0-419C-9C92-ABC08C3EAEB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9A260220-DF2E-4577-9C1B-77D8DAF997EB} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-MP916VR-ronin => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {CD3BE28C-811F-40BC-8751-E0AC473FC770} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D0F78CB1-5A83-4D00-9ECF-C409B453ECA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E9BACB0A-E418-4CEF-AF89-27EBCA8B7F90} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
Task: {EDE2FCE8-612A-4B97-BD61-810DC58B5410} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {EE7F6FD8-B680-4FA9-A0B3-07BBD53D0029} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-roninus@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F03ED0DB-7892-439A-9088-BB93D22F2C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-05-22 20:32 - 2017-05-22 20:32 - 000022488 _____ () C:\WINDOWS\system32\fpCSEvtSvc.exe
2017-08-20 21:16 - 2013-06-28 14:28 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2018-12-13 21:25 - 2016-08-09 06:13 - 000183296 _____ () C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2018-12-13 21:27 - 2016-07-27 09:08 - 002264576 _____ () C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-22 20:58 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-07-03 20:58 - 2010-03-15 10:28 - 000166400 _____ () C:\Program Files\WinRAR\rarext.dll
2017-06-18 22:44 - 2017-06-18 22:44 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-01-27 07:00 - 2017-01-27 07:00 - 000401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-01-18 23:28 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 21:01 - 2018-10-04 21:01 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-02-03 12:50 - 2019-02-03 12:50 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-02-03 12:50 - 2019-02-03 12:51 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-22 20:52 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-22 20:52 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-06 19:28 - 2019-01-06 19:28 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-02-13 15:55 - 2019-02-13 15:55 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-13 15:55 - 2019-02-13 15:55 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-09 10:07 - 2019-02-09 10:07 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-09 10:07 - 2019-02-09 10:07 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-05 13:29 - 2017-12-05 13:31 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-08 17:34 - 2018-12-08 17:34 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-09 10:07 - 2019-02-09 10:07 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-09 10:07 - 2019-02-09 10:07 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-02-03 12:51 - 2019-02-03 12:52 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-03 12:51 - 2019-02-03 12:52 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 19:06 - 2017-10-05 19:12 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-18 21:55 - 2019-01-18 21:56 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-03 12:51 - 2019-02-03 12:52 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-02-03 12:51 - 2019-02-03 12:52 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-03 12:51 - 2019-02-03 12:51 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-02 20:49 - 2018-09-02 20:51 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-06 16:34 - 2018-08-06 16:35 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-03 12:51 - 2019-02-03 12:52 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\SKU.dll
2019-02-03 12:50 - 2019-02-03 12:50 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 22:27 - 2018-11-06 22:27 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-28 19:43 - 2017-08-28 09:11 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2018-01-28 19:43 - 2017-08-28 09:11 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2018-01-28 19:43 - 2017-08-28 09:11 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2018-01-28 19:43 - 2017-08-28 09:11 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-01-06 19:22 - 000001027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3769689683-3705519010-605967400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ronin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{38a10c1c-bbc6-42bf-86c8-5c01dd78233d}.jpg
HKU\S-1-5-21-3769689683-3705519010-605967400-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SBrowserCheck"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{874B0899-5E1A-4517-B26D-CCA41DA21185}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{82E8C4FD-8873-45B4-8C65-643705DA5CB8}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{EB9B01FC-0A2E-4197-AEEE-6223F53AA6DF}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{5FAB74A7-E921-41F7-9CA0-F287CB3A02A8}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{D2D50F45-07E5-4CAD-B90F-4724F3D9F207}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F8283679-E742-4E11-9646-895B632F45D6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{AE68CFE8-4484-44FC-92FE-E9A9C2F36D9C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [TCP Query User{1BAB3274-150B-483E-8ABE-67C7F9899CB8}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe ()
FirewallRules: [UDP Query User{6E32E900-37A4-4116-8FD4-9BFECF14E6CA}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe ()
FirewallRules: [{BFE3902E-6336-4358-B49B-383B4188D66F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{DB57453C-EE67-4FF4-9EA3-A446B9A0EE77}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5E8E639A-6FE4-40B5-A5EB-D9CDE82E1E03}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{023ADF44-CE12-4148-B50D-6BAE5437C941}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe ()
FirewallRules: [{54B9360E-D8DE-4802-A729-C575CC7EF4E4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe ()
FirewallRules: [{DE90A418-A042-44AF-89B9-FCA6C08A7E3C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe ()
FirewallRules: [{B2C820A6-4A3C-4EDC-B868-190F20E5225F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe ()
FirewallRules: [{A601D623-4955-4762-8BD7-79999EAC43AC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe ()
FirewallRules: [{36CCD2FC-1205-4F04-8BE5-FCD38C6400C3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{C3FA49FB-83DC-48BC-90D6-28D2153E5DA6}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{819FAC5B-0551-4A6D-97ED-FBB86630D408}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.)
FirewallRules: [{F4E597A4-A56A-46A6-BB03-5FD1F7DA5C01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{4A6AF383-458B-4E16-A020-E8AD9C008BA3}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{FD320733-C760-490C-A21A-AD08AB5A0218}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC)
FirewallRules: [{B2288E05-8DCD-4F8E-8601-233FA2B1F83F}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{947C154F-F445-4359-B94B-D2969F04ABB6}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC)
FirewallRules: [{1A9AEA26-8D17-48E9-82F1-0C408160E520}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{093F167F-46CF-405F-8F16-38984526B399}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{ABDF9F7D-26AF-4133-AB0B-48D158FF3ACD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{00223A91-D85B-4756-9BE8-5D49C8881CB6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{9E57E0F5-9ACE-4B2D-BCE4-7D093B803035}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)

==================== Restore Points =========================

14-02-2019 16:20:50 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2019 11:05:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CCleaner64.exe, verzia: 5.48.0.6834, časová značka: 0x5bcf0398
Názov chybujúceho modulu: CCleaner64.exe, verzia: 5.48.0.6834, časová značka: 0x5bcf0398
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000067b3f2
Identifikácia chybujúceho procesu: 0x1fc4
Čas spustenia chybujúcej aplikácie: 0x01d4c44c3cd5340d
Cesta chybujúcej aplikácie: C:\Program Files\CCleaner\CCleaner64.exe
Cesta chybujúceho modulu: C:\Program Files\CCleaner\CCleaner64.exe
Identifikácia hlásenia: 094185fb-6783-4a2b-bddf-35f8b18ef51f
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/14/2019 10:27:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: PrintDialog.exe, verzia: 10.0.17134.1, časová značka: 0x43472f9d
Názov chybujúceho modulu: msvcrt.dll, verzia: 7.0.17134.1, časová značka: 0x5cbba6fd
Kód výnimky: 0x40000015
Odstup chyby: 0x000000000000add2
Identifikácia chybujúceho procesu: 0x11f8
Čas spustenia chybujúcej aplikácie: 0x01d4c4472fe4da87
Cesta chybujúcej aplikácie: C:\WINDOWS\PrintDialog\PrintDialog.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\msvcrt.dll
Identifikácia hlásenia: 097ba710-57a6-41f8-8c8b-7f32fd260b6e
Celé meno chybujúceho balíka: Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.Windows.PrintDialog

Error: (02/13/2019 04:28:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program vlc.exe version 3.0.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 16b8

Start Time: 01d4c3b073e9bec8

Termination Time: 215

Application Path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

Report Id: 1515c19a-75bc-4e22-8602-680300a28cbc

Faulting package full name:

Faulting package-relative application ID:

Error: (02/13/2019 04:08:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: regsvr32.exe, verzia: 10.0.17134.1, časová značka: 0x02635c37
Názov chybujúceho modulu: divxdec.ax, verzia: 5.0.5.830, časová značka: 0x3ea73df2
Kód výnimky: 0xc0000005
Odstup chyby: 0x00087001
Identifikácia chybujúceho procesu: 0x2784
Čas spustenia chybujúcej aplikácie: 0x01d4c3adefec8d2d
Cesta chybujúcej aplikácie: C:\WINDOWS\SysWOW64\regsvr32.exe
Cesta chybujúceho modulu: C:\WINDOWS\system32\divxdec.ax
Identifikácia hlásenia: 1b13d2b4-cc45-49e6-a9ca-4ac7f378cc7e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/11/2019 12:05:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17134.1, časová značka: 0xa38b9ab2
Názov chybujúceho modulu: NotificationController.dll, verzia: 10.0.17134.165, časová značka: 0xe0385185
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000007c686
Identifikácia chybujúceho procesu: 0x13e8
Čas spustenia chybujúcej aplikácie: 0x01d4c1f61b74e446
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\NotificationController.dll
Identifikácia hlásenia: d46f46b9-1f7d-4c76-8bf5-76956bdaee3a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/11/2019 11:39:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17134.1, časová značka: 0xa38b9ab2
Názov chybujúceho modulu: NotificationController.dll, verzia: 10.0.17134.165, časová značka: 0xe0385185
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000007a24d
Identifikácia chybujúceho procesu: 0x215c
Čas spustenia chybujúcej aplikácie: 0x01d4c1f0218ca7c1
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\NotificationController.dll
Identifikácia hlásenia: b6fe3a1f-7c85-4551-9e67-3af687359362
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/11/2019 10:56:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17134.1, časová značka: 0xa38b9ab2
Názov chybujúceho modulu: NotificationController.dll, verzia: 10.0.17134.165, časová značka: 0xe0385185
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000007c686
Identifikácia chybujúceho procesu: 0x30bc
Čas spustenia chybujúcej aplikácie: 0x01d4c1ed0ff6b842
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\NotificationController.dll
Identifikácia hlásenia: 58927409-bb5a-4942-a468-bd92b4ea59ea
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/11/2019 10:34:38 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (5604,G,0) An attempt to open the file "C:\Users\ronin\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (02/14/2019 04:04:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MP916VR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-MP916VR\ronin SID (S-1-5-21-3769689683-3705519010-605967400-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/14/2019 04:02:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/14/2019 04:02:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/14/2019 04:02:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/14/2019 04:01:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (02/14/2019 04:01:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (02/14/2019 04:00:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Kontajner služby Microsoft Passport zlyhalo kvôli nasledujúcej chybe:
The service did not start due to a logon failure.

Error: (02/14/2019 04:00:56 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe NgcCtnrSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe:
The request is not supported.


Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).


CodeIntegrity:
===================================

Date: 2019-01-02 18:28:13.647
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 61%
Total physical RAM: 4009.11 MB
Available physical RAM: 1544.65 MB
Total Virtual: 4713.11 MB
Available Virtual: 1698.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:221.07 GB) (Free:23.18 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:232.87 GB) (Free:62.26 GB) NTFS
Drive f: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (Ramayana) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF

\\?\Volume{ea47ea47-0000-0000-0000-100000000000}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:11.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EA47EA47)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=221.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 14 úno 2019 19:43 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1616
:arrow: Otestujte na virustotal.com subor nizsie a vysledok dajte sem:
C:\Windows\System32\fpCSEvtSvc.exe

:arrow: Do poznamkoveho bloku skopirujte obsah dole:

Kód:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKU\S-1-5-21-3769689683-3705519010-605967400-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
2019-02-14 18:40 - 2018-06-10 17:48 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-14 18:40 - 2018-06-10 17:48 - 000003160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-14 16:03 - 2017-07-01 22:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
Task: {EDE2FCE8-612A-4B97-BD61-810DC58B5410} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F03ED0DB-7892-439A-9088-BB93D22F2C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
Hosts:



Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
 
PříspěvekNapsal: 16 úno 2019 12:35 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.02.2019
Ran by ronin (16-02-2019 12:09:45) Run:1
Running from C:\Users\ronin\Downloads
Loaded Profiles: ronin & postgres (Available Profiles: ronin & postgres)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKU\S-1-5-21-3769689683-3705519010-605967400-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
2019-02-14 18:40 - 2018-06-10 17:48 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-14 18:40 - 2018-06-10 17:48 - 000003160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-14 16:03 - 2017-07-01 22:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
Task: {EDE2FCE8-612A-4B97-BD61-810DC58B5410} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F03ED0DB-7892-439A-9088-BB93D22F2C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
Hosts:
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => removed successfully
"HKU\S-1-5-21-3769689683-3705519010-605967400-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\cm_64bit => removed successfully
HKLM\Software\Classes\CLSID\{69E19770-EA24-49e2-B997-405EDBEF4C05} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\cm_64bit => removed successfully
HKLM\Software\Classes\CLSID\{69E19770-EA24-49e2-B997-405EDBEF4C05} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\cm_64bit => removed successfully
HKLM\Software\Classes\CLSID\{69E19770-EA24-49e2-B997-405EDBEF4C05} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EDE2FCE8-612A-4B97-BD61-810DC58B5410}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDE2FCE8-612A-4B97-BD61-810DC58B5410}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F03ED0DB-7892-439A-9088-BB93D22F2C2D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F03ED0DB-7892-439A-9088-BB93D22F2C2D}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20105628 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 55186 B
Edge => 13768 B
Chrome => 62549361 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
ronin => 3919710 B
postgres => 0 B

RecycleBin => 0 B
EmptyTemp: => 92.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:10:18 ====


Nahoru
 Profil  
 
PříspěvekNapsal: 16 úno 2019 12:36 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1616
Ako je na tom pocitac?

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
 
PříspěvekNapsal: 16 úno 2019 12:40 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
zjavne lepsie uz po prvych krokoch sa to zrychlilo.


Nahoru
 Profil  
 
PříspěvekNapsal: 16 úno 2019 12:50 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1616
Dobre, za mna ok :]]

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
 
PříspěvekNapsal: 16 úno 2019 19:47 
Offline
Návštěvník
Návštěvník

Registrován: 27 led 2007 13:36
Příspěvky: 71
OK ,dakujem za cas a pomoc.


Nahoru
 Profil  
 
PříspěvekNapsal: 16 úno 2019 19:50 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1616
:)

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 13 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: marian


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?
>