Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2019
Ran by Richard (administrator) on GALLAS (Hewlett-Packard HP 15 Notebook PC) (06-06-2019 20:54:05)
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard & (Available Profiles: Richard & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7535832 2014-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [10600336 2019-03-18] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [eIDCertPropagator] => C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe [533504 2019-01-17] () [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007"
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\...\Run: [WindowsWelcomeCenter] => C:\WINDOWS\system32\oobefldr.dll [630784 2014-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-31] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-03-15]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine.lnk [2019-03-15]
ShortcutTarget: Avast SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-29]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0955BD0D-3644-4BD6-B602-04CB9958EB6F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {29D13C42-15FF-4A96-A1B6-959F59956877} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {2B907BCD-542C-4D28-91A3-521FB2FECCBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {394D1DBC-A520-45F5-928B-83CA7ECD2F19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {4CF4DEE6-D976-4A5F-A34A-AAEA47BD1AC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {4DA5BAF9-2D9F-47B8-8C75-02EBCA532C85} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {76A60A7F-71C6-4BE2-8B60-52DBE0430404} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {836FD934-48D2-4BB1-BB55-40A53DE56CBB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Task: {9C37F18C-D5A0-4154-84A5-C46B33EDFC80} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {B2136804-334A-4A32-B737-A35D121E9AF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBA14721-7986-42DF-8383-980F4A4077F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE472F04-ED83-4320-AF15-C8A6AB9784E6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {BEBD267A-5DD9-45DA-A009-3EE10975047F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CA68711C-8005-4407-8EF4-F38F28EFFB1D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {D3A3DE02-3E8C-4FA8-96BC-C9044F817374} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {DC1E8BBE-CACA-4773-B5E1-B456B6D1807D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {DCC9B246-5ECC-4852-876C-B2BC9EF5B69F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {E1D14C60-9865-4379-9710-EA248E288927} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E78EEBDB-7E94-4256-B73D-ADDE9BB45902} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E96CFD85-3DF8-4FDD-A34F-DE24A0FC7C03} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {ED218458-A557-47FE-AAB0-D40FB8BACEC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {FFAE4807-7565-4B83-94A2-85F111C362DD} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1398208 2019-05-24] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{39487A7D-9E4F-40BE-A565-0D457B9D8633}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E58A1CCD-A04A-4804-A96D-CEA4CBE43774}: [DhcpNameServer] 172.16.0.1
HKLM\System\...\Parameters\PersistentRoutes: [100.100.0.10,255.255.255.255,0.0.0.0,1]
Internet Explorer:
==================
SearchScopes: HKLM -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2019-01-14] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2019-01-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2019-01-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2019-01-15] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2019-06-06]
CHR Extension: (Prezentácie) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Dokumenty) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Disk Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-20]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-20]
CHR Extension: (Tabuľky) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (AdBlock) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-20]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2019-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-17] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [240128 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10267576 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [3500552 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6688232 2019-03-28] (AVAST Software s.r.o. -> AVAST Software)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [87832 2018-07-18] (SafeNet, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [69640 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [323600 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [13939712 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [628224 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-06-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-06-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-31] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1971208 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S2 Haspnt; C:\WINDOWS\SysWOW64\drivers\Haspnt.sys [132608 2007-05-22] () [File not signed]
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-13] (Malwarebytes Corporation -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [237400 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\WINDOWS\files\bin\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-06 20:54 - 2019-06-06 20:55 - 000039486 _____ C:\Users\Richard\Desktop\FRST.txt
2019-06-06 20:53 - 2019-06-06 20:53 - 000000000 ____D C:\Users\Richard\Desktop\FRST-OlderVersion
2019-06-06 20:50 - 2019-06-06 20:50 - 007025360 _____ (Malwarebytes) C:\Users\Richard\Downloads\adwcleaner_7.3.exe
2019-06-03 13:36 - 2019-06-03 13:36 - 000235075 _____ C:\Users\Richard\Downloads\SAM1_OKRUH_OTAZOK_NA_SKUSKU.pdf
2019-06-02 20:26 - 2019-06-02 20:26 - 000002026 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-06-02 20:24 - 2019-06-02 20:23 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-06-02 20:24 - 2019-06-02 20:23 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-06-02 20:24 - 2019-05-21 20:54 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-28 15:54 - 2019-05-28 15:54 - 003338786 _____ C:\Users\Richard\Downloads\SAM_Skúška.pdf
2019-05-28 15:54 - 2019-05-28 15:54 - 002080185 _____ C:\Users\Richard\Downloads\Geodézia_2_Ústna-skúška.pdf
2019-05-26 13:57 - 2019-05-26 13:57 - 000770317 _____ C:\Users\Richard\Downloads\TESTY-Geodézia.pdf
2019-05-26 11:17 - 2019-05-26 11:17 - 020017719 _____ C:\Users\Richard\Downloads\všetko-v-kope.pdf
2019-05-23 11:12 - 2019-05-23 11:12 - 003011295 _____ C:\Users\Richard\Downloads\GEODEZIA_2_8_prednáška_8.pptx
2019-05-23 11:12 - 2019-05-23 11:12 - 000928768 _____ C:\Users\Richard\Downloads\GEODEZIA_2_9_prednáška_9.ppt
2019-05-19 16:39 - 2019-05-19 16:39 - 004941096 _____ C:\Users\Richard\Downloads\190516 (1).zip
2019-05-19 16:39 - 2019-05-19 16:39 - 004768202 _____ C:\Users\Richard\Downloads\190520 (1).zip
2019-05-19 16:19 - 2019-05-19 16:19 - 000179685 _____ C:\Users\Richard\Downloads\Pracovne_listy_15_16 (1).pdf
2019-05-19 11:28 - 2019-05-19 11:28 - 000101743 _____ C:\Users\Richard\Downloads\Pracovne_listy_19_22_2019 (3).ppsx
2019-05-19 11:27 - 2019-05-19 11:27 - 000101743 _____ C:\Users\Richard\Downloads\Pracovne_listy_19_22_2019 (2).ppsx
2019-05-18 23:06 - 2019-05-18 23:06 - 002505227 _____ C:\Users\Richard\Downloads\cylindricka_priklady_2019 (1).ppsx
2019-05-18 23:05 - 2019-05-18 23:05 - 002505227 _____ C:\Users\Richard\Downloads\cylindricka_priklady_2019.ppsx
2019-05-18 20:58 - 2019-05-18 20:59 - 086363912 _____ (OCAD AG) C:\Users\Richard\Downloads\OCAD_2019_TRIAL_Setup (1).exe
2019-05-18 16:58 - 2019-05-18 16:58 - 000409944 _____ C:\Users\Richard\Downloads\Linearna_sikma_stud_2019 (1).ppsx
2019-05-18 16:58 - 2019-05-18 16:58 - 000074778 _____ C:\Users\Richard\Downloads\Pracovne_listy_3_4_2019 (1).pptx
2019-05-18 16:50 - 2019-05-18 16:58 - 000111410 _____ C:\Users\Richard\Downloads\Pracovne_listy_3_4_2019.pptx
2019-05-18 15:44 - 2019-06-05 20:41 - 000000000 ____D C:\Users\Richard\Desktop\2. semester
2019-05-18 11:18 - 2019-05-18 11:18 - 000086718 _____ C:\Users\Richard\Downloads\SkuskovaPisomka.pdf
2019-05-18 10:53 - 2019-05-18 10:54 - 004768202 _____ C:\Users\Richard\Downloads\190520.zip
2019-05-18 10:53 - 2019-05-18 10:53 - 004941096 _____ C:\Users\Richard\Downloads\190516.zip
2019-05-15 16:50 - 2019-05-15 16:50 - 000284192 _____ C:\Users\Richard\Downloads\Sfericka_trigonometria.pdf
2019-05-15 16:27 - 2019-06-05 22:48 - 000003370 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 16:27 - 2019-06-05 22:48 - 000003242 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-13 08:36 - 2019-05-13 08:36 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-06 20:56 - 2018-10-06 20:12 - 000000000 ____D C:\Users\Richard\Desktop\stahovanie
2019-06-06 20:54 - 2019-04-06 20:30 - 000000000 ____D C:\FRST
2019-06-06 20:53 - 2019-04-06 20:29 - 002417664 _____ (Farbar) C:\Users\Richard\Desktop\FRST64.exe
2019-06-06 20:51 - 2018-10-06 20:12 - 000000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2019-06-06 20:51 - 2018-10-06 20:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2019-06-06 20:50 - 2019-03-15 21:46 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-06 20:46 - 2017-08-29 14:42 - 000000000 ____D C:\Users\Richard\Documents\Youcam
2019-06-05 22:48 - 2019-04-07 18:33 - 000003406 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-06-05 22:48 - 2018-10-27 17:52 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-05 22:48 - 2018-10-07 09:20 - 000003174 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4070732696-2307962366-2096404084-1002
2019-06-05 22:48 - 2018-10-06 20:49 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-05 22:48 - 2018-10-06 20:27 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-05 22:48 - 2018-10-06 20:27 - 000002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-05 22:48 - 2014-05-14 21:14 - 000003160 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-06-05 22:48 - 2014-05-14 21:14 - 000003160 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-06-05 22:48 - 2014-05-14 21:11 - 000003156 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2019-06-05 22:48 - 2014-05-14 20:56 - 000002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-06-05 22:39 - 2018-03-24 13:06 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070732696-2307962366-2096404084-1002
2019-06-05 20:54 - 2018-05-20 10:06 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 20:54 - 2018-05-20 10:06 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-05 20:46 - 2019-03-31 09:15 - 000002313 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-06-05 20:42 - 2018-10-06 20:07 - 000000000 ____D C:\Users\Richard\Desktop\Škola (dokumenty)
2019-06-03 15:35 - 2019-03-15 21:46 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-02 20:26 - 2019-03-15 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-06-02 20:25 - 2019-03-15 21:50 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-31 19:04 - 2019-03-15 21:46 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-31 19:04 - 2019-03-15 21:46 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
2019-05-31 19:03 - 2019-04-18 22:45 - 000003732 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-31 19:03 - 2019-04-18 22:45 - 000003150 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-31 19:03 - 2019-03-15 21:50 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-31 19:03 - 2019-03-15 21:50 - 000002413 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 01:10 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2019-05-21 20:54 - 2019-03-15 21:46 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000549200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-21 10:12 - 2019-03-15 22:11 - 000004180 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine Update
2019-05-21 10:04 - 2019-03-15 22:03 - 000004194 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-05-19 16:21 - 2014-05-15 04:05 - 000753788 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-19 16:21 - 2014-05-15 04:05 - 000163570 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-19 16:21 - 2014-03-18 11:53 - 001876212 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-18 12:17 - 2018-10-27 17:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-13 08:36 - 2014-05-14 21:03 - 001662205 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2019-05-13 08:36 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-13 00:50 - 2014-05-14 20:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-05-12 23:25 - 2014-04-02 11:29 - 000000000 ____D C:\Users\Administrator
2019-05-12 23:16 - 2019-04-06 20:19 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-07 11:38 - 2019-04-07 11:04 - 000000000 ____D C:\Users\Richard\AppData\Local\Microsoft Help
==================== Files in the root of some directories =======
2019-02-24 16:15 - 2019-02-24 16:15 - 000143360 _____ (Gepro s.r.o.) C:\Program Files (x86)\kokundo.exe
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-06-02 20:29
==================== End of FRST.txt ============================