Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.02.2019 01
Ran by Tomáš (administrator) on DESKTOP-5TKCKME (27-02-2019 08:33:53)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Slovenčina (Slovensko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Run: [AvastBrowserAutoLaunch_C91FB151CC54D07838AAC157F3E3A07C] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1822448 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\Installer\chrmstp.exe [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-02-07]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * lsdel.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ee1f5357-2eb5-4be8-9dd2-94dc29e34260}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{ee1f5357-2eb5-4be8-9dd2-94dc29e34260}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atiesrxx.exe [508016 2018-12-05] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [369264 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9872688 2018-10-10] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S4 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [538416 2018-10-10] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2018-11-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24288 2018-11-01] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67592 2018-12-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atikmdag.sys [47412848 2018-12-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atikmpag.sys [589936 2018-12-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102384 2018-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31704 2018-11-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [137688 2018-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-02-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [519872 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2019-02-04] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-08-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [61624 2019-02-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-11-01] (Martin Malik - REALiX -> REALiX(tm))
S4 IMFMBRProtect; no ImagePath
S4 IMFSafeBox; no ImagePath
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-02-27] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-11-01] (Realtek Semiconductor Corp. -> Realtek )
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-27 08:33 - 2019-02-27 08:34 - 000017767 _____ C:\Users\Tomáš\Desktop\FRST.txt
2019-02-27 08:33 - 2019-02-27 08:33 - 002433536 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2019-02-27 08:33 - 2019-02-27 08:33 - 000000000 ____D C:\FRST
2019-02-27 08:21 - 2019-02-27 08:21 - 062158736 _____ (Malwarebytes ) C:\Users\Tomáš\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430.exe
2019-02-27 08:21 - 2019-02-27 08:21 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-27 08:21 - 2019-02-27 08:21 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-27 08:21 - 2019-02-27 08:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-27 08:21 - 2019-02-27 08:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-27 08:21 - 2019-02-27 08:21 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-27 08:21 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-27 08:21 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-27 08:18 - 2019-02-27 08:18 - 007316688 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\adwcleaner_7.2.7.0.exe
2019-02-27 08:18 - 2019-02-27 08:18 - 000000000 ____D C:\AdwCleaner
2019-02-27 08:08 - 2019-02-27 08:08 - 000234136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-27 07:33 - 2019-02-27 07:33 - 000018318 _____ C:\WINDOWS\system32\lsdel.dat
2019-02-27 07:23 - 2019-02-27 07:23 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AdAwareDesktop
2019-02-27 07:22 - 2019-02-27 07:22 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AdAwareUpdater
2019-02-27 07:21 - 2019-02-27 07:21 - 002708912 _____ C:\Users\Tomáš\Downloads\Adaware_Installer.exe
2019-02-27 07:16 - 2019-02-27 07:16 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-27 02:51 - 2019-02-27 03:55 - 1917374784 _____ C:\Users\Tomáš\Downloads\Králové zlodějů ( King of Thieves 2018 ) CZ dabing + forced ,BluRay,1080p.mkv
2019-02-25 23:48 - 2019-02-25 23:48 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-02-24 10:04 - 2019-02-24 11:21 - 1874753433 _____ C:\Users\Tomáš\Downloads\I dva jsou rodina-Aj dvaja su rodina (2016) CZ dabing.mkv
2019-02-23 05:23 - 2019-02-23 05:23 - 000000734 _____ C:\Users\Tomáš\Desktop\Far Cry New Dawn.lnk
2019-02-22 23:07 - 2019-02-22 23:07 - 000050787 _____ C:\Users\Tomáš\Downloads\Far.Cry.New.Dawn-CODEX.torrent
2019-02-22 23:07 - 2019-02-22 23:07 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\BitTorrent
2019-02-22 10:45 - 2019-02-22 10:45 - 000000000 _____ C:\Users\Tomáš\Desktop\Nový textový dokument.txt
2019-02-21 17:51 - 2019-02-27 08:23 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-20 22:30 - 2019-02-20 22:30 - 000000680 _____ C:\Users\Public\Desktop\Metro Exodus.lnk
2019-02-20 22:30 - 2019-02-20 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Exodus
2019-02-20 18:34 - 2019-02-20 18:34 - 000065568 _____ C:\Users\Tomáš\Downloads\Metro.Exodus-CPY.torrent
2019-02-20 01:00 - 2019-02-20 01:18 - 000000184 _____ C:\Users\Tomáš\Desktop\Na Predaj.txt
2019-02-18 22:20 - 2019-02-18 22:20 - 000081030 _____ C:\Users\Tomáš\Downloads\produkey-x64.zip
2019-02-16 21:09 - 2019-02-22 02:19 - 000000294 _____ C:\Users\Tomáš\Desktop\Iphone.txt
2019-02-16 19:07 - 2019-02-16 19:07 - 089960448 _____ C:\WINDOWS\system32\config\SOFTWARE.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 006234112 _____ C:\Users\Tomáš\NTUSER.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 005074944 _____ C:\WINDOWS\system32\config\DEFAULT.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 000028672 _____ C:\WINDOWS\system32\config\SAM.rhk
2019-02-16 19:01 - 2019-02-16 19:07 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Wise Registry Cleaner
2019-02-16 19:01 - 2019-02-16 19:01 - 000001318 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2019-02-16 19:01 - 2019-02-16 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2019-02-16 19:01 - 2019-02-16 19:01 - 000000000 ____D C:\Program Files (x86)\Wise
2019-02-15 15:43 - 2019-02-15 15:43 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 15:43 - 2019-02-14 15:43 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-14 15:43 - 2019-02-14 15:43 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2019-02-14 15:43 - 2019-02-14 15:43 - 000002082 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2019-02-14 15:39 - 2019-02-07 05:34 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-14 15:39 - 2019-02-07 05:34 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-02-14 00:41 - 2019-02-14 19:43 - 000000171 _____ C:\Users\Tomáš\Desktop\Kupiť .txt
2019-02-13 11:26 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-13 11:26 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 11:26 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 11:26 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 11:26 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 11:26 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 11:26 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 11:26 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 11:26 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-13 11:26 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-13 11:26 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-13 11:26 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-13 11:26 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-13 11:26 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 11:26 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-13 11:26 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 11:26 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-13 11:26 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-13 11:26 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 11:26 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 11:26 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 11:26 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-13 11:26 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-13 11:26 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-13 11:26 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 11:26 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-13 11:26 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-13 11:26 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-13 11:26 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 11:26 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-13 11:26 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-13 11:26 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 11:26 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-13 11:26 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-13 11:26 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 11:26 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-13 11:26 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 11:26 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 11:26 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 11:26 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 11:26 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 11:26 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 11:26 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 11:26 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 11:26 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 11:26 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 11:26 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 11:26 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 11:26 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 11:26 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 11:26 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 11:26 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 11:26 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-13 11:26 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 11:26 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 11:26 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 11:26 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 11:26 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-13 11:26 - 2019-02-02 23:53 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-13 11:26 - 2019-02-02 23:53 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-13 11:26 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 11:26 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 11:26 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-13 11:26 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-13 11:26 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 11:26 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-13 11:26 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 11:26 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-13 11:26 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-13 11:26 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 11:26 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-13 11:26 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-13 11:26 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-13 11:26 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-13 11:26 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-13 11:26 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-13 11:26 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-13 11:26 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 11:26 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-13 11:26 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-13 11:26 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-13 11:26 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-13 11:26 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-13 11:26 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-13 11:26 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-13 11:26 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 11:26 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-13 11:26 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 11:26 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-13 11:26 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-13 11:26 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 11:26 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 11:26 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-13 11:26 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 11:26 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-13 11:26 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-13 11:26 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-13 11:26 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 11:26 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-13 11:26 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 11:26 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 11:26 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-13 11:26 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-13 11:26 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-13 11:26 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-13 11:26 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 11:26 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 11:26 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-13 11:26 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-13 11:23 - 2019-02-13 11:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-13 11:18 - 2019-02-13 11:18 - 000519872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-02-12 01:26 - 2019-02-16 19:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2019-02-10 22:22 - 2018-07-15 21:12 - 000000453 _____ C:\Users\Tomáš\Desktop\E-mail.txt
2019-02-10 18:39 - 2019-02-10 18:40 - 000000085 _____ C:\WINDOWS\wininit.ini
2019-02-10 15:20 - 2019-02-16 19:13 - 000002912 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-835003961-1480024946-725988966-1001
2019-02-10 15:20 - 2019-02-10 15:20 - 000002367 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-09 20:22 - 2019-02-07 10:53 - 000000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20190209-202240.backup
2019-02-09 20:19 - 2019-02-10 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-02-09 20:19 - 2019-02-09 20:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-02-08 22:01 - 2019-02-27 08:23 - 000002234 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-08 22:01 - 2019-02-21 17:51 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-08 22:01 - 2019-02-16 19:12 - 000000000 ____D C:\Program Files\CCleaner
2019-02-08 22:01 - 2019-02-08 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-07 06:59 - 2019-02-27 08:33 - 000000000 ____D C:\Users\Tomáš\Desktop\Viry.cz
2019-02-07 05:51 - 2019-02-07 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-02-07 05:51 - 2019-02-07 05:51 - 000004012 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-02-07 05:51 - 2019-02-07 05:51 - 000001226 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2019-02-07 05:36 - 2019-02-07 05:51 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-02-07 05:36 - 2019-02-07 05:36 - 000003496 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2019-02-07 05:36 - 2019-02-07 05:36 - 000003372 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2019-02-07 05:36 - 2019-02-07 05:36 - 000002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-02-07 05:36 - 2019-02-07 05:36 - 000002559 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-02-07 05:35 - 2019-02-07 05:51 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\AVAST Software
2019-02-07 05:35 - 2019-02-07 05:36 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AVAST Software
2019-02-07 05:34 - 2019-02-07 05:59 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-07 04:15 - 2019-02-07 04:15 - 000000000 ____D C:\Users\Tomáš\Downloads\AVG Internet Security
2019-02-04 11:42 - 2019-02-07 06:36 - 000002302 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-02-04 11:42 - 2019-02-04 11:42 - 033418296 _____ C:\Users\Tomáš\Downloads\RogueKiller_portable64.exe
2019-02-04 06:58 - 2019-02-04 06:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\mbamtray
2019-02-04 06:58 - 2019-02-04 06:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\mbam
2019-02-04 05:41 - 2019-02-08 22:08 - 000000000 ____D C:\Users\Tomáš\Downloads\Avast Premier
2019-02-04 04:49 - 2019-02-27 08:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-04 04:49 - 2019-02-04 04:49 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2019-02-04 04:49 - 2019-02-04 04:49 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-02-04 04:46 - 2019-02-07 14:33 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-04 04:45 - 2019-02-27 08:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-03 20:36 - 2019-02-03 20:36 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-02-03 01:04 - 2019-02-27 08:19 - 087031808 _____ C:\WINDOWS\system32\config\SOFTWARE
2019-02-03 01:04 - 2019-02-27 08:19 - 005242880 _____ C:\WINDOWS\system32\config\DEFAULT
2019-02-03 01:04 - 2019-02-27 08:19 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY
2019-02-03 01:04 - 2019-02-27 08:19 - 000028672 _____ C:\WINDOWS\system32\config\SAM
2019-02-03 00:29 - 2019-02-04 04:42 - 000000000 ____D C:\Users\Tomáš\Downloads\ESET Smart Security 12
2019-01-31 18:54 - 2019-01-31 18:54 - 000000752 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2019-01-31 18:29 - 2019-01-31 18:29 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\ProtonVPN AG
2019-01-31 18:29 - 2019-01-31 18:29 - 000000000 ____D C:\Users\Tomáš\AppData\Local\ProtonVPN
2019-01-31 18:29 - 2019-01-31 18:29 - 000000000 ____D C:\Users\Tomáš\AppData\Local\IsolatedStorage
2019-01-31 11:28 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-31 11:26 - 2019-02-03 00:16 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-31 11:25 - 2019-01-31 18:51 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-31 11:22 - 2019-01-31 11:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-01-30 02:24 - 2019-01-30 02:25 - 000000024 _____ C:\Users\Tomáš\Desktop\Obchod Bežné Veci.txt
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-27 08:25 - 2019-01-04 04:03 - 000646944 _____ C:\WINDOWS\system32\perfh01B.dat
2019-02-27 08:25 - 2019-01-04 04:03 - 000122342 _____ C:\WINDOWS\system32\perfc01B.dat
2019-02-27 08:25 - 2018-08-12 04:16 - 001521674 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-27 08:25 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-27 08:21 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-27 08:19 - 2018-08-13 05:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-27 08:19 - 2018-08-12 05:13 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-02-27 08:19 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-27 08:19 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-27 08:10 - 2018-08-13 05:49 - 000000000 ____D C:\Users\Tomáš
2019-02-27 08:08 - 2018-12-07 02:39 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\BitTorrent
2019-02-27 08:08 - 2018-08-12 08:43 - 000000000 ____D C:\ProgramData\Origin
2019-02-27 08:08 - 2018-08-12 08:14 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-27 07:59 - 2019-01-14 13:51 - 000000000 ____D C:\Users\Tomáš\Desktop\Cheaty
2019-02-27 07:23 - 2018-08-13 05:52 - 000000000 ____D C:\Users\Tomáš\AppData\Local\D3DSCache
2019-02-27 05:00 - 2019-01-02 20:49 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\vlc
2019-02-27 04:59 - 2018-08-21 06:53 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CrashDumps
2019-02-27 04:45 - 2018-08-13 05:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-26 14:09 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-25 23:50 - 2018-08-17 08:16 - 000000000 ____D C:\Users\Tomáš\Documents\My Games
2019-02-22 10:21 - 2018-08-12 08:43 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Origin
2019-02-22 10:19 - 2018-08-12 08:44 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-22 05:22 - 2019-01-26 23:01 - 000000000 ____D C:\Users\Tomáš\Downloads\Nepozerané Filmy
2019-02-15 15:52 - 2018-08-12 07:35 - 000000000 ____D C:\Program Files\rempl
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-14 01:18 - 2018-11-13 20:41 - 000000000 ____D C:\Users\Tomáš\Desktop\Biela Magia
2019-02-13 11:26 - 2018-08-12 07:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 11:25 - 2018-08-12 07:35 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-12 20:17 - 2018-11-01 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
2019-02-10 23:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2019-02-10 18:39 - 2018-08-12 04:13 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2019-02-10 15:20 - 2018-08-12 04:14 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2019-02-08 13:17 - 2018-08-13 06:08 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 10:54 - 2018-08-13 05:51 - 000002262 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-02-07 07:10 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-02-07 06:24 - 2018-11-01 21:14 - 000002450 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Tomáš)
2019-02-07 05:53 - 2019-01-02 20:49 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-02-07 05:43 - 2018-08-12 05:04 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-07 04:57 - 2018-10-10 16:14 - 000061624 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2019-02-07 04:57 - 2018-09-25 19:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Avg
2019-02-07 04:57 - 2018-09-25 19:58 - 000000000 ____D C:\ProgramData\Avg
2019-02-07 04:55 - 2018-09-25 19:59 - 000000000 ____D C:\Program Files (x86)\AVG
2019-02-04 05:03 - 2018-08-12 05:32 - 000000641 _____ C:\Users\Tomáš\Documents\E-mail.txt
2019-02-03 01:04 - 2018-11-14 20:10 - 079917056 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 006381568 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 000581632 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 000028672 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2019-02-03 00:31 - 2019-01-04 02:36 - 000000000 ____D C:\Users\Tomáš\AppData\Local\ESET
2019-01-31 18:48 - 2019-01-27 23:18 - 000000000 ____D C:\Users\Tomáš
2019-01-31 14:38 - 2019-01-18 20:46 - 000000906 _____ C:\Users\Tomáš\Desktop\Ritual č.2 Kupiť.txt
2019-01-31 11:21 - 2018-09-09 20:08 - 000000000 ____D C:\ProgramData\ProductData
2019-01-29 22:18 - 2019-01-06 01:35 - 000000000 ____D C:\Users\Tomáš\AppData\Local\SquirrelTemp
2019-01-29 22:18 - 2018-04-12 00:41 - 000000000 ____D C:\WINDOWS\Setup
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 __RSD C:\WINDOWS\media
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\security
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IME
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
==================== Files in the root of some directories =======
2019-01-26 22:28 - 2019-01-26 22:28 - 000315073 _____ () C:\Users\Tomáš\AppData\Local\ars.cache
2019-01-26 22:29 - 2019-01-26 22:29 - 000726947 _____ () C:\Users\Tomáš\AppData\Local\census.cache
2019-01-26 22:17 - 2019-01-26 22:17 - 000000036 _____ () C:\Users\Tomáš\AppData\Local\housecall.guid.cache
2019-01-26 22:21 - 2019-01-26 22:21 - 000000010 _____ () C:\Users\Tomáš\AppData\Local\sponge.last.runtime.cache
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-13 05:47
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Avast stále vypisuje že našiel malware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Avast stále vypisuje že našiel malware
Zdravím mám taký problém avast my stále vypisuje že našiel vírus v C:/Windows/temp skáče my to už 20 minút v minútových intervaloch poprosil by som o kontrolu logu.A momentálne mám nainštalovaný Avast a Malwarebytes. A adware našiel Hacktool v kaspersky ktorý som nemal nikdy nainštalovaný.
Naposledy upravil(a) Tomas1995 dne 27 úno 2019 08:40, celkem upraveno 1 x.
Re: Avast stále vypisuje že našiel malware
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
Ran by Tomáš (27-02-2019 08:34:33)
Running from C:\Users\Tomáš\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-08-13 04:51:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-835003961-1480024946-725988966-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-835003961-1480024946-725988966-503 - Limited - Disabled)
Guest (S-1-5-21-835003961-1480024946-725988966-501 - Limited - Disabled)
Tomáš (S-1-5-21-835003961-1480024946-725988966-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-835003961-1480024946-725988966-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.8.1 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.99 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.24655 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Dead Rising 4 (HKLM-x32\...\Dead Rising 4_is1) (Version: - )
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 66.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.60 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-835003961-1480024946-725988966-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-08-02] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09EFE955-9990-488B-A16B-063A207A2CE5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1470E9B1-88C6-4A39-910E-0A9997BDB866} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {18700A2B-EE07-46F2-8A4C-1A3514C8F85D} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Tomáš\Downloads\RogueKiller_portable64.exe (Adlice -> )
Task: {2F9EA34B-9C87-42DE-B2BC-DA3D367306C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {5567185A-564E-448A-ACFE-C55F9D03637A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6AA57369-72B3-4DF3-9994-99E5FF05842E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {92282E9B-F6FB-42B1-8830-7B0F8BBBA180} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B037C8BA-F072-41E5-AFA7-33170AD38398} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {CCC87746-8CAD-424C-BAB1-903ED22D0CF4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D119F6FF-F364-4705-A425-4D884BC51699} - System32\Tasks\Driver Booster SkipUAC (Tomáš) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DriverBooster.exe
Task: {D2ADD8BB-BF5F-4AEA-829B-2A5AC7317F0B} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {F5EC09C6-3DFC-4639-837D-E5D46139CEAE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-02 17:12 - 2018-08-02 17:12 - 000148992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-02-27 08:21 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-02-07 05:51 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2019-02-09 20:22 - 000450623 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15459 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\anonymous-hd-wallpaper-1920x1080-7297855.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "RogueKiller Anti-Malware"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1230FE20-B166-4B02-BB74-1BA64642136F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E895B571-7874-44FA-A492-0DBB2F14E99C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7D01781A-A565-4508-8FDF-C77E078079FF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{365D9B7D-9054-471E-8932-E0446EEEBD9F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D85466A6-2460-405E-A10A-F5F820A6440A}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{91759AD4-518D-450B-893D-D20561587C85}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{51E80CB4-89FC-46C8-8F94-825A7F809CD2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EB214F12-6A40-46DB-9731-D44CECA08569}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{99579B5D-BAFA-467D-A07F-ED3FF2831809}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{7D9BE500-8FC7-48F4-B991-9EEB083ADC90}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
13-02-2019 11:25:15 Windows Update
21-02-2019 17:59:07 Scheduled Checkpoint
27-02-2019 07:22:03 AA11
27-02-2019 07:27:27 AA11
27-02-2019 08:10:02 AA11
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2019 08:22:08 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Malwarebytes status to SECURITY_PRODUCT_STATE_EXPIRED.
Error: (02/27/2019 08:10:14 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 08:09:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (5648,R,98) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Tomáš\AppData\Local\Microsoft\Windows\WebCache\V010001E.log.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 04:59:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: csgo.exe, verzia: 0.0.0.0, časová značka: 0x5c058004
Názov chybujúceho modulu: materialsystem.dll, verzia: 0.0.0.0, časová značka: 0x5c634c3b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0009d658
Identifikácia chybujúceho procesu: 0x3cf0
Čas spustenia chybujúcej aplikácie: 0x01d4ce506b88c409
Cesta chybujúcej aplikácie: E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta chybujúceho modulu: e:\counter strike global offensive\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
Identifikácia hlásenia: cbbfbbd1-80c9-47a7-a2b4-120d5bd7f3dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/26/2019 05:26:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: csgo.exe, verzia: 0.0.0.0, časová značka: 0x5c058004
Názov chybujúceho modulu: materialsystem.dll, verzia: 0.0.0.0, časová značka: 0x5c634c3b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0009d658
Identifikácia chybujúceho procesu: 0x3c64
Čas spustenia chybujúcej aplikácie: 0x01d4cd7df0b84b56
Cesta chybujúcej aplikácie: E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta chybujúceho modulu: e:\counter strike global offensive\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
Identifikácia hlásenia: 10dc8e6e-6a58-489a-ad89-1945351d79ea
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (02/27/2019 08:20:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:19:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:19:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby AdvancedSystemCareService12 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the path specified.
Error: (02/27/2019 08:19:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Avast Cleanup Premium zlyhalo kvôli nasledujúcej chybe:
The pipe has been ended.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/27/2019 08:16:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2019-01-31 16:34:19.103
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:MSIL/Uflooder.C!bit
ID: 2147709445
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\Tomáš\Downloads\LOIC\LOIC.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 11:14:14.094
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: SoftwareBundler:Win32/Prepscram
ID: 226289
Severity: Vysoká
Category: Softvérový balík
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys__crack.zip->original/original_keys__crack.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 11:14:14.093
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys_crack.zip->original_keys.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 10:06:25.188
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\Tomáš\Desktop\Cheaty\New cheats 7.12.18 Glow Esp-KUB4Z\glow esp 12.7.2018 (Danger Zone Update).exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-29 21:56:09.617
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: SoftwareBundler:Win32/Prepscram.D
ID: 239500
Severity: Vysoká
Category: Softvérový balík
Path: file:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename; webfile:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename|http://popcorn.directioncable.pw/311403 ... 8632208481
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.398.0, AS: 1.285.398.0, NIS: 1.285.398.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
CodeIntegrity:
===================================
Date: 2019-02-07 05:43:11.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2019-02-07 05:43:10.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2019-02-03 00:14:03.644
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-03 00:04:17.302
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:50:16.619
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:47:46.792
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:42:16.563
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:37:35.389
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Ryzen 7 1700 Eight-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16335.98 MB
Available physical RAM: 12404.5 MB
Total Virtual: 18767.98 MB
Available Virtual: 13460.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.24 GB) (Free:30.39 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:83.78 GB) NTFS
\\?\Volume{b409df67-447f-4090-b71c-035c8eaa3d4a}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{a2ef93c4-b627-407e-9fbf-e88d55849c0d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1BD81BD8)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Avast stále vypisuje že našiel malware
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
Ran by Tomáš (27-02-2019 08:34:33)
Running from C:\Users\Tomáš\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-08-13 04:51:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-835003961-1480024946-725988966-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-835003961-1480024946-725988966-503 - Limited - Disabled)
Guest (S-1-5-21-835003961-1480024946-725988966-501 - Limited - Disabled)
Tomáš (S-1-5-21-835003961-1480024946-725988966-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-835003961-1480024946-725988966-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.8.1 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.99 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.24655 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Dead Rising 4 (HKLM-x32\...\Dead Rising 4_is1) (Version: - )
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 66.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.60 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-835003961-1480024946-725988966-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-08-02] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09EFE955-9990-488B-A16B-063A207A2CE5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1470E9B1-88C6-4A39-910E-0A9997BDB866} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {18700A2B-EE07-46F2-8A4C-1A3514C8F85D} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Tomáš\Downloads\RogueKiller_portable64.exe (Adlice -> )
Task: {2F9EA34B-9C87-42DE-B2BC-DA3D367306C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {5567185A-564E-448A-ACFE-C55F9D03637A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6AA57369-72B3-4DF3-9994-99E5FF05842E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {92282E9B-F6FB-42B1-8830-7B0F8BBBA180} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B037C8BA-F072-41E5-AFA7-33170AD38398} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {CCC87746-8CAD-424C-BAB1-903ED22D0CF4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D119F6FF-F364-4705-A425-4D884BC51699} - System32\Tasks\Driver Booster SkipUAC (Tomáš) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DriverBooster.exe
Task: {D2ADD8BB-BF5F-4AEA-829B-2A5AC7317F0B} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {F5EC09C6-3DFC-4639-837D-E5D46139CEAE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-02 17:12 - 2018-08-02 17:12 - 000148992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-02-27 08:21 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-27 08:21 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-02-07 05:51 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2019-02-09 20:22 - 000450623 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15459 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\anonymous-hd-wallpaper-1920x1080-7297855.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "RogueKiller Anti-Malware"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1230FE20-B166-4B02-BB74-1BA64642136F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E895B571-7874-44FA-A492-0DBB2F14E99C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7D01781A-A565-4508-8FDF-C77E078079FF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{365D9B7D-9054-471E-8932-E0446EEEBD9F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D85466A6-2460-405E-A10A-F5F820A6440A}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{91759AD4-518D-450B-893D-D20561587C85}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{51E80CB4-89FC-46C8-8F94-825A7F809CD2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EB214F12-6A40-46DB-9731-D44CECA08569}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{99579B5D-BAFA-467D-A07F-ED3FF2831809}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{7D9BE500-8FC7-48F4-B991-9EEB083ADC90}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
13-02-2019 11:25:15 Windows Update
21-02-2019 17:59:07 Scheduled Checkpoint
27-02-2019 07:22:03 AA11
27-02-2019 07:27:27 AA11
27-02-2019 08:10:02 AA11
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2019 08:22:08 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Malwarebytes status to SECURITY_PRODUCT_STATE_EXPIRED.
Error: (02/27/2019 08:10:14 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 08:09:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (5648,R,98) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Tomáš\AppData\Local\Microsoft\Windows\WebCache\V010001E.log.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 04:59:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: csgo.exe, verzia: 0.0.0.0, časová značka: 0x5c058004
Názov chybujúceho modulu: materialsystem.dll, verzia: 0.0.0.0, časová značka: 0x5c634c3b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0009d658
Identifikácia chybujúceho procesu: 0x3cf0
Čas spustenia chybujúcej aplikácie: 0x01d4ce506b88c409
Cesta chybujúcej aplikácie: E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta chybujúceho modulu: e:\counter strike global offensive\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
Identifikácia hlásenia: cbbfbbd1-80c9-47a7-a2b4-120d5bd7f3dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/26/2019 05:26:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: csgo.exe, verzia: 0.0.0.0, časová značka: 0x5c058004
Názov chybujúceho modulu: materialsystem.dll, verzia: 0.0.0.0, časová značka: 0x5c634c3b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0009d658
Identifikácia chybujúceho procesu: 0x3c64
Čas spustenia chybujúcej aplikácie: 0x01d4cd7df0b84b56
Cesta chybujúcej aplikácie: E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta chybujúceho modulu: e:\counter strike global offensive\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
Identifikácia hlásenia: 10dc8e6e-6a58-489a-ad89-1945351d79ea
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (02/27/2019 08:20:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:19:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:19:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby AdvancedSystemCareService12 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the path specified.
Error: (02/27/2019 08:19:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Avast Cleanup Premium zlyhalo kvôli nasledujúcej chybe:
The pipe has been ended.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/27/2019 08:16:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2019-01-31 16:34:19.103
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:MSIL/Uflooder.C!bit
ID: 2147709445
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\Tomáš\Downloads\LOIC\LOIC.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 11:14:14.094
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: SoftwareBundler:Win32/Prepscram
ID: 226289
Severity: Vysoká
Category: Softvérový balík
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys__crack.zip->original/original_keys__crack.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 11:14:14.093
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys_crack.zip->original_keys.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 10:06:25.188
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\Tomáš\Desktop\Cheaty\New cheats 7.12.18 Glow Esp-KUB4Z\glow esp 12.7.2018 (Danger Zone Update).exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-29 21:56:09.617
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: SoftwareBundler:Win32/Prepscram.D
ID: 239500
Severity: Vysoká
Category: Softvérový balík
Path: file:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename; webfile:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename|http://popcorn.directioncable.pw/311403 ... 8632208481
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.398.0, AS: 1.285.398.0, NIS: 1.285.398.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
CodeIntegrity:
===================================
Date: 2019-02-07 05:43:11.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2019-02-07 05:43:10.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2019-02-03 00:14:03.644
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-03 00:04:17.302
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:50:16.619
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:47:46.792
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:42:16.563
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:37:35.389
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Ryzen 7 1700 Eight-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16335.98 MB
Available physical RAM: 12404.5 MB
Total Virtual: 18767.98 MB
Available Virtual: 13460.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.24 GB) (Free:30.39 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:83.78 GB) NTFS
\\?\Volume{b409df67-447f-4090-b71c-035c8eaa3d4a}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{a2ef93c4-b627-407e-9fbf-e88d55849c0d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1BD81BD8)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Avast stále vypisuje že našiel malware
Dobry den.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
► Vyšla moja nová kniha BOTNETY! 
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Avast stále vypisuje že našiel malware
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-27-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Tomáš\AppData\Roaming\BlueSprig
***** [ Files ] *****
Deleted C:\Windows\Temp\reimage.log
Deleted C:\Windows\Reimage.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Plumbytes Software
Deleted HKCU\Software\Reimage
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\CLSID\{D4EF86C3-77D7-4F82-BBB8-6DFFAB6E2D32}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2498 octets] - [27/02/2019 08:18:38]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Avast stále vypisuje že našiel malware
Poprosim o nove logy z FRST a ADDITIN
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Avast stále vypisuje že našiel malware
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.02.2019 01
Ran by Tomáš (administrator) on DESKTOP-5TKCKME (27-02-2019 14:12:18)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Slovenčina (Slovensko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Run: [AvastBrowserAutoLaunch_C91FB151CC54D07838AAC157F3E3A07C] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1822448 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\Installer\chrmstp.exe [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-02-07]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * lsdel.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ee1f5357-2eb5-4be8-9dd2-94dc29e34260}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{ee1f5357-2eb5-4be8-9dd2-94dc29e34260}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atiesrxx.exe [508016 2018-12-05] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [369264 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9872688 2018-10-10] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S4 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [538416 2018-10-10] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2018-11-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24288 2018-11-01] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67592 2018-12-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atikmdag.sys [47412848 2018-12-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0335976.inf_amd64_1397caa37ab11010\B335980\atikmpag.sys [589936 2018-12-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102384 2018-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31704 2018-11-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [137688 2018-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-02-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [519872 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2019-02-04] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-08-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [61624 2019-02-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-11-01] (Martin Malik - REALiX -> REALiX(tm))
S4 IMFMBRProtect; no ImagePath
S4 IMFSafeBox; no ImagePath
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-11-01] (Realtek Semiconductor Corp. -> Realtek )
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-27 14:12 - 2019-02-27 14:12 - 000015693 _____ C:\Users\Tomáš\Desktop\FRST.txt
2019-02-27 14:03 - 2019-02-27 14:03 - 000000000 _____ C:\Users\Tomáš\Downloads\WiperSoft-installer.exe
2019-02-27 13:50 - 2019-02-27 13:50 - 007316688 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\adwcleaner_7.2.7.0 (1).exe
2019-02-27 09:02 - 2019-02-27 09:02 - 000000000 ____D C:\Users\Tomáš\.QtWebEngineProcess
2019-02-27 08:33 - 2019-02-27 14:12 - 000000000 ____D C:\FRST
2019-02-27 08:33 - 2019-02-27 08:33 - 002433536 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2019-02-27 08:21 - 2019-02-27 08:21 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-27 08:18 - 2019-02-27 08:18 - 007316688 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\adwcleaner_7.2.7.0.exe
2019-02-27 08:18 - 2019-02-27 08:18 - 000000000 ____D C:\AdwCleaner
2019-02-27 08:08 - 2019-02-27 08:08 - 000234136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-27 07:33 - 2019-02-27 07:33 - 000018318 _____ C:\WINDOWS\system32\lsdel.dat
2019-02-27 07:23 - 2019-02-27 07:23 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AdAwareDesktop
2019-02-27 07:22 - 2019-02-27 07:22 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AdAwareUpdater
2019-02-27 07:16 - 2019-02-27 09:03 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-25 23:48 - 2019-02-25 23:48 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-02-23 05:23 - 2019-02-23 05:23 - 000000734 _____ C:\Users\Tomáš\Desktop\Far Cry New Dawn.lnk
2019-02-22 23:07 - 2019-02-22 23:07 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\BitTorrent
2019-02-21 17:51 - 2019-02-27 12:55 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-20 22:30 - 2019-02-20 22:30 - 000000680 _____ C:\Users\Public\Desktop\Metro Exodus.lnk
2019-02-20 22:30 - 2019-02-20 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Exodus
2019-02-20 01:00 - 2019-02-20 01:18 - 000000184 _____ C:\Users\Tomáš\Desktop\Na Predaj.txt
2019-02-16 21:09 - 2019-02-27 13:10 - 000000766 _____ C:\Users\Tomáš\Desktop\Iphone.txt
2019-02-16 19:07 - 2019-02-16 19:07 - 089960448 _____ C:\WINDOWS\system32\config\SOFTWARE.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 006234112 _____ C:\Users\Tomáš\NTUSER.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 005074944 _____ C:\WINDOWS\system32\config\DEFAULT.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2019-02-16 19:07 - 2019-02-16 19:07 - 000028672 _____ C:\WINDOWS\system32\config\SAM.rhk
2019-02-16 19:01 - 2019-02-16 19:07 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Wise Registry Cleaner
2019-02-16 19:01 - 2019-02-16 19:01 - 000001318 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2019-02-16 19:01 - 2019-02-16 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2019-02-16 19:01 - 2019-02-16 19:01 - 000000000 ____D C:\Program Files (x86)\Wise
2019-02-15 15:43 - 2019-02-15 15:43 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 15:43 - 2019-02-14 15:43 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-14 15:43 - 2019-02-14 15:43 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2019-02-14 15:43 - 2019-02-14 15:43 - 000002082 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2019-02-14 15:39 - 2019-02-07 05:34 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-14 15:39 - 2019-02-07 05:34 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-14 15:39 - 2019-02-07 05:34 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-02-14 00:41 - 2019-02-27 12:03 - 000000224 _____ C:\Users\Tomáš\Desktop\Kupiť .txt
2019-02-13 11:26 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-13 11:26 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 11:26 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 11:26 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 11:26 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 11:26 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 11:26 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 11:26 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 11:26 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-13 11:26 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-13 11:26 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-13 11:26 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-13 11:26 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-13 11:26 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 11:26 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-13 11:26 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-13 11:26 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 11:26 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-13 11:26 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-13 11:26 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 11:26 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 11:26 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 11:26 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 11:26 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 11:26 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-13 11:26 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-13 11:26 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-13 11:26 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 11:26 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-13 11:26 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-13 11:26 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-13 11:26 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 11:26 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-13 11:26 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-13 11:26 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 11:26 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-13 11:26 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-13 11:26 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 11:26 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-13 11:26 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 11:26 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 11:26 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 11:26 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 11:26 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 11:26 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 11:26 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 11:26 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 11:26 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 11:26 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 11:26 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 11:26 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 11:26 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 11:26 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 11:26 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 11:26 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 11:26 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-13 11:26 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 11:26 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 11:26 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 11:26 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 11:26 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-13 11:26 - 2019-02-02 23:53 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-13 11:26 - 2019-02-02 23:53 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-13 11:26 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 11:26 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 11:26 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-13 11:26 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-13 11:26 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 11:26 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-13 11:26 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 11:26 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-13 11:26 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-13 11:26 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 11:26 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-13 11:26 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-13 11:26 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-13 11:26 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-13 11:26 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-13 11:26 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-13 11:26 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-13 11:26 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-13 11:26 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 11:26 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-13 11:26 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-13 11:26 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-13 11:26 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-13 11:26 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-13 11:26 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-13 11:26 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-13 11:26 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-13 11:26 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 11:26 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-13 11:26 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 11:26 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-13 11:26 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-13 11:26 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 11:26 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 11:26 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-13 11:26 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 11:26 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-13 11:26 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-13 11:26 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-13 11:26 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 11:26 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 11:26 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 11:26 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-13 11:26 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 11:26 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 11:26 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 11:26 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 11:26 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-13 11:26 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-13 11:26 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-13 11:26 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-13 11:26 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 11:26 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 11:26 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-13 11:26 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-13 11:23 - 2019-02-13 11:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-13 11:18 - 2019-02-13 11:18 - 000519872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-02-12 01:26 - 2019-02-16 19:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2019-02-10 22:22 - 2018-07-15 21:12 - 000000453 _____ C:\Users\Tomáš\Desktop\E-mail.txt
2019-02-10 18:39 - 2019-02-10 18:40 - 000000085 _____ C:\WINDOWS\wininit.ini
2019-02-10 15:20 - 2019-02-16 19:13 - 000002912 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-835003961-1480024946-725988966-1001
2019-02-10 15:20 - 2019-02-10 15:20 - 000002367 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-09 20:22 - 2019-02-07 10:53 - 000000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20190209-202240.backup
2019-02-09 20:19 - 2019-02-10 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-02-09 20:19 - 2019-02-09 20:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-02-08 22:01 - 2019-02-27 12:55 - 000002234 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-08 22:01 - 2019-02-21 17:51 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-08 22:01 - 2019-02-16 19:12 - 000000000 ____D C:\Program Files\CCleaner
2019-02-08 22:01 - 2019-02-08 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-07 06:59 - 2019-02-27 14:12 - 000000000 ____D C:\Users\Tomáš\Desktop\Viry.cz
2019-02-07 05:51 - 2019-02-07 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-02-07 05:51 - 2019-02-07 05:51 - 000004012 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-02-07 05:51 - 2019-02-07 05:51 - 000001226 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2019-02-07 05:36 - 2019-02-07 05:51 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-02-07 05:36 - 2019-02-07 05:36 - 000003496 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2019-02-07 05:36 - 2019-02-07 05:36 - 000003372 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2019-02-07 05:36 - 2019-02-07 05:36 - 000002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-02-07 05:36 - 2019-02-07 05:36 - 000002559 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-02-07 05:35 - 2019-02-07 05:51 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\AVAST Software
2019-02-07 05:35 - 2019-02-07 05:36 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AVAST Software
2019-02-07 05:34 - 2019-02-07 05:59 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-07 04:15 - 2019-02-07 04:15 - 000000000 ____D C:\Users\Tomáš\Downloads\AVG Internet Security
2019-02-04 11:42 - 2019-02-27 12:55 - 000002242 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-02-04 11:42 - 2019-02-04 11:42 - 033418296 _____ C:\Users\Tomáš\Downloads\RogueKiller_portable64.exe
2019-02-04 06:58 - 2019-02-04 06:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\mbamtray
2019-02-04 06:58 - 2019-02-04 06:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\mbam
2019-02-04 05:41 - 2019-02-08 22:08 - 000000000 ____D C:\Users\Tomáš\Downloads\Avast Premier
2019-02-04 04:49 - 2019-02-27 12:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-04 04:49 - 2019-02-04 04:49 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2019-02-04 04:49 - 2019-02-04 04:49 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-02-04 04:46 - 2019-02-07 14:33 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-04 04:45 - 2019-02-27 08:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-03 20:36 - 2019-02-03 20:36 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-02-03 01:04 - 2019-02-27 08:19 - 087031808 _____ C:\WINDOWS\system32\config\SOFTWARE
2019-02-03 01:04 - 2019-02-27 08:19 - 005242880 _____ C:\WINDOWS\system32\config\DEFAULT
2019-02-03 01:04 - 2019-02-27 08:19 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY
2019-02-03 01:04 - 2019-02-27 08:19 - 000028672 _____ C:\WINDOWS\system32\config\SAM
2019-02-03 00:29 - 2019-02-04 04:42 - 000000000 ____D C:\Users\Tomáš\Downloads\ESET Smart Security 12
2019-01-31 18:54 - 2019-01-31 18:54 - 000000752 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2019-01-31 18:29 - 2019-01-31 18:29 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\ProtonVPN AG
2019-01-31 18:29 - 2019-01-31 18:29 - 000000000 ____D C:\Users\Tomáš\AppData\Local\ProtonVPN
2019-01-31 18:29 - 2019-01-31 18:29 - 000000000 ____D C:\Users\Tomáš\AppData\Local\IsolatedStorage
2019-01-31 11:28 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-31 11:26 - 2019-02-03 00:16 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-31 11:25 - 2019-01-31 18:51 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-31 11:22 - 2019-01-31 11:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-27 14:05 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-27 12:36 - 2018-08-13 05:52 - 000000000 ____D C:\Users\Tomáš\AppData\Local\D3DSCache
2019-02-27 12:36 - 2018-08-12 08:14 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-27 11:32 - 2018-08-13 05:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-27 09:03 - 2018-08-12 08:43 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Origin
2019-02-27 09:03 - 2018-08-12 08:43 - 000000000 ____D C:\ProgramData\Origin
2019-02-27 09:02 - 2018-08-13 05:49 - 000000000 ____D C:\Users\Tomáš
2019-02-27 08:55 - 2019-01-26 23:01 - 000000000 ____D C:\Users\Tomáš\Downloads\Nepozerané Filmy
2019-02-27 08:52 - 2019-01-14 13:51 - 000000000 ____D C:\Users\Tomáš\Desktop\Cheaty
2019-02-27 08:41 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-27 08:25 - 2019-01-04 04:03 - 000646944 _____ C:\WINDOWS\system32\perfh01B.dat
2019-02-27 08:25 - 2019-01-04 04:03 - 000122342 _____ C:\WINDOWS\system32\perfc01B.dat
2019-02-27 08:25 - 2018-08-12 04:16 - 001521674 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-27 08:25 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-27 08:19 - 2018-08-13 05:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-27 08:19 - 2018-08-12 05:13 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-02-27 08:19 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-27 08:08 - 2018-12-07 02:39 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\BitTorrent
2019-02-27 05:00 - 2019-01-02 20:49 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\vlc
2019-02-27 04:59 - 2018-08-21 06:53 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CrashDumps
2019-02-26 14:09 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-25 23:50 - 2018-08-17 08:16 - 000000000 ____D C:\Users\Tomáš\Documents\My Games
2019-02-22 10:19 - 2018-08-12 08:44 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-15 15:52 - 2018-08-12 07:35 - 000000000 ____D C:\Program Files\rempl
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-14 17:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-14 01:18 - 2018-11-13 20:41 - 000000000 ____D C:\Users\Tomáš\Desktop\Biela Magia
2019-02-13 11:26 - 2018-08-12 07:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 11:25 - 2018-08-12 07:35 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-12 20:17 - 2018-11-01 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
2019-02-10 23:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2019-02-10 18:39 - 2018-08-12 04:13 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2019-02-10 15:20 - 2018-08-12 04:14 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2019-02-08 13:17 - 2018-08-13 06:08 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 10:54 - 2018-08-13 05:51 - 000002262 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-02-07 07:10 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-02-07 06:24 - 2018-11-01 21:14 - 000002450 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Tomáš)
2019-02-07 05:53 - 2019-01-02 20:49 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-02-07 05:43 - 2018-08-12 05:04 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-07 04:57 - 2018-10-10 16:14 - 000061624 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2019-02-07 04:57 - 2018-09-25 19:58 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Avg
2019-02-07 04:57 - 2018-09-25 19:58 - 000000000 ____D C:\ProgramData\Avg
2019-02-07 04:55 - 2018-09-25 19:59 - 000000000 ____D C:\Program Files (x86)\AVG
2019-02-04 05:03 - 2018-08-12 05:32 - 000000641 _____ C:\Users\Tomáš\Documents\E-mail.txt
2019-02-03 01:04 - 2018-11-14 20:10 - 079917056 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 006381568 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 000581632 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2019-02-03 01:04 - 2018-11-14 20:10 - 000028672 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2019-02-03 00:31 - 2019-01-04 02:36 - 000000000 ____D C:\Users\Tomáš\AppData\Local\ESET
2019-01-31 18:48 - 2019-01-27 23:18 - 000000000 ____D C:\Users\Tomáš
2019-01-31 14:38 - 2019-01-18 20:46 - 000000906 _____ C:\Users\Tomáš\Desktop\Ritual č.2 Kupiť.txt
2019-01-31 11:21 - 2018-09-09 20:08 - 000000000 ____D C:\ProgramData\ProductData
2019-01-29 22:18 - 2019-01-06 01:35 - 000000000 ____D C:\Users\Tomáš\AppData\Local\SquirrelTemp
2019-01-29 22:18 - 2018-04-12 00:41 - 000000000 ____D C:\WINDOWS\Setup
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 __RSD C:\WINDOWS\media
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\security
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IME
2019-01-29 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
==================== Files in the root of some directories =======
2019-01-26 22:28 - 2019-01-26 22:28 - 000315073 _____ () C:\Users\Tomáš\AppData\Local\ars.cache
2019-01-26 22:29 - 2019-01-26 22:29 - 000726947 _____ () C:\Users\Tomáš\AppData\Local\census.cache
2019-01-26 22:17 - 2019-01-26 22:17 - 000000036 _____ () C:\Users\Tomáš\AppData\Local\housecall.guid.cache
2019-01-26 22:21 - 2019-01-26 22:21 - 000000010 _____ () C:\Users\Tomáš\AppData\Local\sponge.last.runtime.cache
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-13 05:47
==================== End of FRST.txt ============================
Re: Avast stále vypisuje že našiel malware
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
Ran by Tomáš (27-02-2019 14:13:00)
Running from C:\Users\Tomáš\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-08-13 04:51:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-835003961-1480024946-725988966-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-835003961-1480024946-725988966-503 - Limited - Disabled)
Guest (S-1-5-21-835003961-1480024946-725988966-501 - Limited - Disabled)
Tomáš (S-1-5-21-835003961-1480024946-725988966-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-835003961-1480024946-725988966-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.8.1 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.99 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.24655 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Dead Rising 4 (HKLM-x32\...\Dead Rising 4_is1) (Version: - )
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 66.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.60 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-835003961-1480024946-725988966-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-08-02] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09EFE955-9990-488B-A16B-063A207A2CE5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1470E9B1-88C6-4A39-910E-0A9997BDB866} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {18700A2B-EE07-46F2-8A4C-1A3514C8F85D} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Tomáš\Downloads\RogueKiller_portable64.exe (Adlice -> )
Task: {2F9EA34B-9C87-42DE-B2BC-DA3D367306C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {5567185A-564E-448A-ACFE-C55F9D03637A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6AA57369-72B3-4DF3-9994-99E5FF05842E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {92282E9B-F6FB-42B1-8830-7B0F8BBBA180} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B037C8BA-F072-41E5-AFA7-33170AD38398} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {CCC87746-8CAD-424C-BAB1-903ED22D0CF4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D119F6FF-F364-4705-A425-4D884BC51699} - System32\Tasks\Driver Booster SkipUAC (Tomáš) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DriverBooster.exe
Task: {D2ADD8BB-BF5F-4AEA-829B-2A5AC7317F0B} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {F5EC09C6-3DFC-4639-837D-E5D46139CEAE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-02 17:12 - 2018-08-02 17:12 - 000148992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2018-08-02 17:21 - 2018-08-02 17:21 - 001435136 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 054063616 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 003515904 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-02-22 10:19 - 2018-08-12 08:44 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-02-22 10:19 - 2018-08-12 08:44 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> http://www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> http://www.123simsen.com
There are 7865 more sites.
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\008k.com -> http://www.008k.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\123simsen.com -> http://www.123simsen.com
There are 7865 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2019-02-09 20:22 - 000450623 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com
127.0.0.1 http://www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 http://www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 http://www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 http://www.100888290cs.com
127.0.0.1 http://www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 http://www.10sek.com
127.0.0.1 http://www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 http://www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 http://www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 http://www.123moviedownload.com
There are 15459 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-835003961-1480024946-725988966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\anonymous-hd-wallpaper-1920x1080-7297855.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "RogueKiller Anti-Malware"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1230FE20-B166-4B02-BB74-1BA64642136F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E895B571-7874-44FA-A492-0DBB2F14E99C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7D01781A-A565-4508-8FDF-C77E078079FF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{365D9B7D-9054-471E-8932-E0446EEEBD9F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D85466A6-2460-405E-A10A-F5F820A6440A}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{91759AD4-518D-450B-893D-D20561587C85}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{51E80CB4-89FC-46C8-8F94-825A7F809CD2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EB214F12-6A40-46DB-9731-D44CECA08569}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{99579B5D-BAFA-467D-A07F-ED3FF2831809}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{7D9BE500-8FC7-48F4-B991-9EEB083ADC90}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
13-02-2019 11:25:15 Windows Update
21-02-2019 17:59:07 Scheduled Checkpoint
27-02-2019 07:22:03 AA11
27-02-2019 07:27:27 AA11
27-02-2019 08:10:02 AA11
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2019 08:22:08 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Malwarebytes status to SECURITY_PRODUCT_STATE_EXPIRED.
Error: (02/27/2019 08:10:14 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 08:09:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (5648,R,98) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Tomáš\AppData\Local\Microsoft\Windows\WebCache\V010001E.log.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 07:27:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (02/27/2019 04:59:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: csgo.exe, verzia: 0.0.0.0, časová značka: 0x5c058004
Názov chybujúceho modulu: materialsystem.dll, verzia: 0.0.0.0, časová značka: 0x5c634c3b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0009d658
Identifikácia chybujúceho procesu: 0x3cf0
Čas spustenia chybujúcej aplikácie: 0x01d4ce506b88c409
Cesta chybujúcej aplikácie: E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta chybujúceho modulu: e:\counter strike global offensive\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
Identifikácia hlásenia: cbbfbbd1-80c9-47a7-a2b4-120d5bd7f3dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/26/2019 05:26:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: csgo.exe, verzia: 0.0.0.0, časová značka: 0x5c058004
Názov chybujúceho modulu: materialsystem.dll, verzia: 0.0.0.0, časová značka: 0x5c634c3b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0009d658
Identifikácia chybujúceho procesu: 0x3c64
Čas spustenia chybujúcej aplikácie: 0x01d4cd7df0b84b56
Cesta chybujúcej aplikácie: E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta chybujúceho modulu: e:\counter strike global offensive\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
Identifikácia hlásenia: 10dc8e6e-6a58-489a-ad89-1945351d79ea
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (02/27/2019 12:41:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 12:36:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 09:42:13 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:20:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:19:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/27/2019 08:19:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby AdvancedSystemCareService12 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the path specified.
Error: (02/27/2019 08:19:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Avast Cleanup Premium zlyhalo kvôli nasledujúcej chybe:
The pipe has been ended.
Error: (02/27/2019 08:18:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Windows Defender:
===================================
Date: 2019-01-31 16:34:19.103
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:MSIL/Uflooder.C!bit
ID: 2147709445
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\Tomáš\Downloads\LOIC\LOIC.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 11:14:14.094
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: SoftwareBundler:Win32/Prepscram
ID: 226289
Severity: Vysoká
Category: Softvérový balík
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys__crack.zip->original/original_keys__crack.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 11:14:14.093
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys_crack.zip->original_keys.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-31 10:06:25.188
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\Tomáš\Desktop\Cheaty\New cheats 7.12.18 Glow Esp-KUB4Z\glow esp 12.7.2018 (Danger Zone Update).exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
Date: 2019-01-29 21:56:09.617
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: SoftwareBundler:Win32/Prepscram.D
ID: 239500
Severity: Vysoká
Category: Softvérový balík
Path: file:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename; webfile:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename|http://popcorn.directioncable.pw/311403 ... 8632208481
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.398.0, AS: 1.285.398.0, NIS: 1.285.398.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4
CodeIntegrity:
===================================
Date: 2019-02-07 05:43:11.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2019-02-07 05:43:10.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2019-02-03 00:14:03.644
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-03 00:04:17.302
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:50:16.619
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:47:46.792
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:42:16.563
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-02 23:37:35.389
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Ryzen 7 1700 Eight-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 16335.98 MB
Available physical RAM: 12526.2 MB
Total Virtual: 18767.98 MB
Available Virtual: 13754.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.24 GB) (Free:30.21 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:83.78 GB) NTFS
\\?\Volume{b409df67-447f-4090-b71c-035c8eaa3d4a}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{a2ef93c4-b627-407e-9fbf-e88d55849c0d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1BD81BD8)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Avast stále vypisuje že našiel malware
Do poznamkoveho bloku skopirujte obsah dole:Kód: Vybrat vše
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
S4 IMFMBRProtect; no ImagePath
S4 IMFSafeBox; no ImagePath
2019-01-31 11:25 - 2019-01-31 18:51 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-31 11:22 - 2019-01-31 11:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-01-31 11:26 - 2019-02-03 00:16 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-31 18:54 - 2019-01-31 18:54 - 000000752 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2019-02-09 20:19 - 2019-02-10 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Avast stále vypisuje že našiel malware
Nenaštartovalo PC ale zobrazilo log.
Fix result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
Ran by Tomáš (27-02-2019 15:48:18) Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
S4 IMFMBRProtect; no ImagePath
S4 IMFSafeBox; no ImagePath
2019-01-31 11:25 - 2019-01-31 18:51 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-31 11:22 - 2019-01-31 11:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-01-31 11:26 - 2019-02-03 00:16 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-31 18:54 - 2019-01-31 18:54 - 000000752 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2019-02-09 20:19 - 2019-02-10 18:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
*****************
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\System\CurrentControlSet\Services\IMFMBRProtect => removed successfully
IMFMBRProtect => service removed successfully
HKLM\System\CurrentControlSet\Services\IMFSafeBox => removed successfully
IMFSafeBox => service removed successfully
C:\ProgramData\Kaspersky Lab => moved successfully
C:\ProgramData\Kaspersky Lab Setup Files => moved successfully
C:\Program Files\Common Files\AV => moved successfully
C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
==== End of Fixlog 15:48:18 ====
Re: Avast stále vypisuje že našiel malware
ako je na tom pocitac
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Avast stále vypisuje že našiel malware
Už avast nič nevypisuje dakujem za pomoc.
Re: Avast stále vypisuje že našiel malware
nemate zac :]]
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Přispějete na provoz fóra?