Stránka 1 z 1

PC mojej priatelky

Napsal: 06 čer 2019 20:02
od Sudoku33
Dobry vecer, moja priatelka ma mensi problem s PC (ktorý dostala od otca, preto má mužské meno PC :lol: ). Pozerava online filmy, avšak včera, dnes sa jej začali ihneď ako otvorí Google Chrome objavovať vpravo dole reklamy a iné sračky :D :(

Ihneď ako som to uvidel som PC Prešiel Antivírusom (Avast), Malwarebytes a AdWare Cleaner ale žiadny z nich nič nenašiel. Avšak reklamy prestali. Ale posielam logy pre istotu že by sa zas vrátili alebo tam niekde sa nachádzal vo Windowse vírus. Logy nižšie :oops:

Re: PC mojej priatelky

Napsal: 06 čer 2019 20:03
od Sudoku33
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2019
Ran by Richard (administrator) on GALLAS (Hewlett-Packard HP 15 Notebook PC) (06-06-2019 20:54:05)
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard & (Available Profiles: Richard & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7535832 2014-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [10600336 2019-03-18] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [eIDCertPropagator] => C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe [533504 2019-01-17] () [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007"
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\...\Run: [WindowsWelcomeCenter] => C:\WINDOWS\system32\oobefldr.dll [630784 2014-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-31] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-03-15]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine.lnk [2019-03-15]
ShortcutTarget: Avast SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-29]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0955BD0D-3644-4BD6-B602-04CB9958EB6F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {29D13C42-15FF-4A96-A1B6-959F59956877} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {2B907BCD-542C-4D28-91A3-521FB2FECCBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {394D1DBC-A520-45F5-928B-83CA7ECD2F19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {4CF4DEE6-D976-4A5F-A34A-AAEA47BD1AC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {4DA5BAF9-2D9F-47B8-8C75-02EBCA532C85} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {76A60A7F-71C6-4BE2-8B60-52DBE0430404} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {836FD934-48D2-4BB1-BB55-40A53DE56CBB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Task: {9C37F18C-D5A0-4154-84A5-C46B33EDFC80} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {B2136804-334A-4A32-B737-A35D121E9AF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBA14721-7986-42DF-8383-980F4A4077F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE472F04-ED83-4320-AF15-C8A6AB9784E6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {BEBD267A-5DD9-45DA-A009-3EE10975047F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CA68711C-8005-4407-8EF4-F38F28EFFB1D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {D3A3DE02-3E8C-4FA8-96BC-C9044F817374} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {DC1E8BBE-CACA-4773-B5E1-B456B6D1807D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {DCC9B246-5ECC-4852-876C-B2BC9EF5B69F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {E1D14C60-9865-4379-9710-EA248E288927} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E78EEBDB-7E94-4256-B73D-ADDE9BB45902} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E96CFD85-3DF8-4FDD-A34F-DE24A0FC7C03} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {ED218458-A557-47FE-AAB0-D40FB8BACEC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {FFAE4807-7565-4B83-94A2-85F111C362DD} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1398208 2019-05-24] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{39487A7D-9E4F-40BE-A565-0D457B9D8633}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E58A1CCD-A04A-4804-A96D-CEA4CBE43774}: [DhcpNameServer] 172.16.0.1
HKLM\System\...\Parameters\PersistentRoutes: [100.100.0.10,255.255.255.255,0.0.0.0,1]

Internet Explorer:
==================
SearchScopes: HKLM -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2019-01-14] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2019-01-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2019-01-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2019-01-15] (DITEC, a.s. -> Ditec,a.s.)

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2019-06-06]
CHR Extension: (Prezentácie) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Dokumenty) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Disk Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-20]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-20]
CHR Extension: (Tabuľky) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (AdBlock) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-20]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2019-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-17] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [240128 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10267576 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [3500552 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6688232 2019-03-28] (AVAST Software s.r.o. -> AVAST Software)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [87832 2018-07-18] (SafeNet, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [69640 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [323600 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [13939712 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [628224 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-06-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-06-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-31] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1971208 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S2 Haspnt; C:\WINDOWS\SysWOW64\drivers\Haspnt.sys [132608 2007-05-22] () [File not signed]
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-13] (Malwarebytes Corporation -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [237400 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\WINDOWS\files\bin\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-06 20:54 - 2019-06-06 20:55 - 000039486 _____ C:\Users\Richard\Desktop\FRST.txt
2019-06-06 20:53 - 2019-06-06 20:53 - 000000000 ____D C:\Users\Richard\Desktop\FRST-OlderVersion
2019-06-06 20:50 - 2019-06-06 20:50 - 007025360 _____ (Malwarebytes) C:\Users\Richard\Downloads\adwcleaner_7.3.exe
2019-06-03 13:36 - 2019-06-03 13:36 - 000235075 _____ C:\Users\Richard\Downloads\SAM1_OKRUH_OTAZOK_NA_SKUSKU.pdf
2019-06-02 20:26 - 2019-06-02 20:26 - 000002026 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-06-02 20:24 - 2019-06-02 20:23 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-06-02 20:24 - 2019-06-02 20:23 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-06-02 20:24 - 2019-05-21 20:54 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-28 15:54 - 2019-05-28 15:54 - 003338786 _____ C:\Users\Richard\Downloads\SAM_Skúška.pdf
2019-05-28 15:54 - 2019-05-28 15:54 - 002080185 _____ C:\Users\Richard\Downloads\Geodézia_2_Ústna-skúška.pdf
2019-05-26 13:57 - 2019-05-26 13:57 - 000770317 _____ C:\Users\Richard\Downloads\TESTY-Geodézia.pdf
2019-05-26 11:17 - 2019-05-26 11:17 - 020017719 _____ C:\Users\Richard\Downloads\všetko-v-kope.pdf
2019-05-23 11:12 - 2019-05-23 11:12 - 003011295 _____ C:\Users\Richard\Downloads\GEODEZIA_2_8_prednáška_8.pptx
2019-05-23 11:12 - 2019-05-23 11:12 - 000928768 _____ C:\Users\Richard\Downloads\GEODEZIA_2_9_prednáška_9.ppt
2019-05-19 16:39 - 2019-05-19 16:39 - 004941096 _____ C:\Users\Richard\Downloads\190516 (1).zip
2019-05-19 16:39 - 2019-05-19 16:39 - 004768202 _____ C:\Users\Richard\Downloads\190520 (1).zip
2019-05-19 16:19 - 2019-05-19 16:19 - 000179685 _____ C:\Users\Richard\Downloads\Pracovne_listy_15_16 (1).pdf
2019-05-19 11:28 - 2019-05-19 11:28 - 000101743 _____ C:\Users\Richard\Downloads\Pracovne_listy_19_22_2019 (3).ppsx
2019-05-19 11:27 - 2019-05-19 11:27 - 000101743 _____ C:\Users\Richard\Downloads\Pracovne_listy_19_22_2019 (2).ppsx
2019-05-18 23:06 - 2019-05-18 23:06 - 002505227 _____ C:\Users\Richard\Downloads\cylindricka_priklady_2019 (1).ppsx
2019-05-18 23:05 - 2019-05-18 23:05 - 002505227 _____ C:\Users\Richard\Downloads\cylindricka_priklady_2019.ppsx
2019-05-18 20:58 - 2019-05-18 20:59 - 086363912 _____ (OCAD AG) C:\Users\Richard\Downloads\OCAD_2019_TRIAL_Setup (1).exe
2019-05-18 16:58 - 2019-05-18 16:58 - 000409944 _____ C:\Users\Richard\Downloads\Linearna_sikma_stud_2019 (1).ppsx
2019-05-18 16:58 - 2019-05-18 16:58 - 000074778 _____ C:\Users\Richard\Downloads\Pracovne_listy_3_4_2019 (1).pptx
2019-05-18 16:50 - 2019-05-18 16:58 - 000111410 _____ C:\Users\Richard\Downloads\Pracovne_listy_3_4_2019.pptx
2019-05-18 15:44 - 2019-06-05 20:41 - 000000000 ____D C:\Users\Richard\Desktop\2. semester
2019-05-18 11:18 - 2019-05-18 11:18 - 000086718 _____ C:\Users\Richard\Downloads\SkuskovaPisomka.pdf
2019-05-18 10:53 - 2019-05-18 10:54 - 004768202 _____ C:\Users\Richard\Downloads\190520.zip
2019-05-18 10:53 - 2019-05-18 10:53 - 004941096 _____ C:\Users\Richard\Downloads\190516.zip
2019-05-15 16:50 - 2019-05-15 16:50 - 000284192 _____ C:\Users\Richard\Downloads\Sfericka_trigonometria.pdf
2019-05-15 16:27 - 2019-06-05 22:48 - 000003370 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 16:27 - 2019-06-05 22:48 - 000003242 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-13 08:36 - 2019-05-13 08:36 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-06 20:56 - 2018-10-06 20:12 - 000000000 ____D C:\Users\Richard\Desktop\stahovanie
2019-06-06 20:54 - 2019-04-06 20:30 - 000000000 ____D C:\FRST
2019-06-06 20:53 - 2019-04-06 20:29 - 002417664 _____ (Farbar) C:\Users\Richard\Desktop\FRST64.exe
2019-06-06 20:51 - 2018-10-06 20:12 - 000000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2019-06-06 20:51 - 2018-10-06 20:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2019-06-06 20:50 - 2019-03-15 21:46 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-06 20:46 - 2017-08-29 14:42 - 000000000 ____D C:\Users\Richard\Documents\Youcam
2019-06-05 22:48 - 2019-04-07 18:33 - 000003406 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-06-05 22:48 - 2018-10-27 17:52 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-05 22:48 - 2018-10-07 09:20 - 000003174 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4070732696-2307962366-2096404084-1002
2019-06-05 22:48 - 2018-10-06 20:49 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-05 22:48 - 2018-10-06 20:27 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-05 22:48 - 2018-10-06 20:27 - 000002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-05 22:48 - 2014-05-14 21:14 - 000003160 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-06-05 22:48 - 2014-05-14 21:14 - 000003160 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-06-05 22:48 - 2014-05-14 21:11 - 000003156 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2019-06-05 22:48 - 2014-05-14 20:56 - 000002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-06-05 22:39 - 2018-03-24 13:06 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070732696-2307962366-2096404084-1002
2019-06-05 20:54 - 2018-05-20 10:06 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 20:54 - 2018-05-20 10:06 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-05 20:46 - 2019-03-31 09:15 - 000002313 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-06-05 20:42 - 2018-10-06 20:07 - 000000000 ____D C:\Users\Richard\Desktop\Škola (dokumenty)
2019-06-03 15:35 - 2019-03-15 21:46 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-02 20:26 - 2019-03-15 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-06-02 20:25 - 2019-03-15 21:50 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-31 19:04 - 2019-03-15 21:46 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-31 19:04 - 2019-03-15 21:46 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
2019-05-31 19:03 - 2019-04-18 22:45 - 000003732 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-31 19:03 - 2019-04-18 22:45 - 000003150 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-31 19:03 - 2019-03-15 21:50 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-31 19:03 - 2019-03-15 21:50 - 000002413 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 01:10 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2019-05-21 20:54 - 2019-03-15 21:46 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000549200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-21 10:12 - 2019-03-15 22:11 - 000004180 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine Update
2019-05-21 10:04 - 2019-03-15 22:03 - 000004194 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-05-19 16:21 - 2014-05-15 04:05 - 000753788 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-19 16:21 - 2014-05-15 04:05 - 000163570 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-19 16:21 - 2014-03-18 11:53 - 001876212 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-18 12:17 - 2018-10-27 17:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-13 08:36 - 2014-05-14 21:03 - 001662205 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2019-05-13 08:36 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-13 00:50 - 2014-05-14 20:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-05-12 23:25 - 2014-04-02 11:29 - 000000000 ____D C:\Users\Administrator
2019-05-12 23:16 - 2019-04-06 20:19 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-07 11:38 - 2019-04-07 11:04 - 000000000 ____D C:\Users\Richard\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2019-02-24 16:15 - 2019-02-24 16:15 - 000143360 _____ (Gepro s.r.o.) C:\Program Files (x86)\kokundo.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 20:29
==================== End of FRST.txt ============================

Re: PC mojej priatelky

Napsal: 06 čer 2019 20:03
od Sudoku33
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2019
Ran by Richard (06-06-2019 20:56:36)
Running from C:\Users\Richard\Desktop
Windows 8.1 (Update) (X64) (2018-03-24 10:55:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4070732696-2307962366-2096404084-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-4070732696-2307962366-2096404084-501 - Limited - Disabled)
Richard (S-1-5-21-4070732696-2307962366-2096404084-1002 - Administrator - Enabled) => C:\Users\Richard

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{7536C341-2F7D-EFE6-F521-DEBE68B025C5}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7308 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D.Launcher (x86) (HKLM-x32\...\{130A1B8A-2C4A-405D-90F3-3CBA000A8800}) (Version: 1.1.0.0 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{B3377E91-E400-4579-B5ED-5544098B7D47}) (Version: 4.0.9 - DITEC, a.s.)
D.Signer/XAdES .NET with plugins (x86) (HKLM-x32\...\{60E7A096-CD91-4AD1-9E9C-34414DA78CFD}) (Version: 4.0.13 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{1d028b37-36ce-4e1b-ae0f-a0beb6cc3537}) (Version: 1.0.15 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{f6fbc4ed-b1f8-4f4c-9b23-5b8e64af50b4}) (Version: 1.0.15 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{4ACA51B0-AD85-4EF1-AADA-81887BC2E85C}) (Version: 4.0.2025 - DITEC, a.s.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft Ltd)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{3C1EB559-A939-4569-8EDE-006675312B46}) (Version: 3.1.3 - Ministerstvo vnútra Slovenskej republiky)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Mathcad 15 M020 (HKLM-x32\...\{1FABCC0D-6190-4FA9-8C25-1AFC2A5F1E74}) (Version: 15.0.2.0 - PTC)
Mathcad PDSi viewable support (HKLM-x32\...\{AC76D478-1033-0000-3478-000000000004}) (Version: 9.0.0 - Adobe Systems) Hidden
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Název společnosti:)
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 6.19 - FinePrint Software, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.232 - Qualcomm Atheros)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-041B-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Box -> C:\Program Files\WindowsApps\134D4F5B.Box_1.6.3.1920_neutral__2qk4zy5s3qmee [2014-05-14] (Box, Inc.)
Cestovanie Bing -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Financie Bing -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.2.4.35_neutral__v10z8vjag6ke6 [2014-05-14] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.141_neutral__v10z8vjag6ke6 [2014-05-14] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.705.0_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Jedlá a nápoje Bing -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_2.5.0.1005_x86__kzf8qxf38zg5c [2014-05-14] (Skype) [MS Ad]
Správy Bing -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Šport Bing -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.705.0_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.27571_x86__06qsbagp91rvg [2014-05-14] (CYBERLINKCOM CORP)
Zdravie a fitnes Bing -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-03-15 22:03 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000038912 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_date_time-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000135680 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_filesystem-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000567808 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_log-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000227840 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_serialization-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000012800 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_system-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000046592 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_thread-vc90-mt-1_49.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 000533504 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe
2014-04-17 15:38 - 2014-04-17 15:38 - 000140288 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-04-17 15:37 - 2014-04-17 15:37 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-03-28 13:31 - 2014-03-28 13:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-03-28 13:27 - 2014-03-28 13:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2019-02-12 22:48 - 2019-02-12 22:48 - 003083264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\62ff080ad01a950d1576d95c6ff5aed4\DotNetCommon.ni.dll
2014-04-17 15:28 - 2014-04-17 15:28 - 000898048 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2014-04-17 15:27 - 2014-04-17 15:27 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2014-04-17 15:37 - 2014-04-17 15:37 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2019-01-17 10:20 - 2019-01-17 10:20 - 001888256 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EAC MW klient\xerces-c_3_1.dll
2013-12-02 11:05 - 2013-12-02 11:05 - 002558464 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtCore_mw_x86_4.dll
2013-12-02 12:25 - 2013-12-02 12:25 - 002543104 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtDeclarative_mw_x86_4.dll
2013-12-02 11:29 - 2013-12-02 11:29 - 008353280 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtGui_mw_x86_4.dll
2013-12-02 11:08 - 2013-12-02 11:08 - 001023488 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtNetwork_mw_x86_4.dll
2013-12-02 12:07 - 2013-12-02 12:07 - 001298432 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtScript_mw_x86_4.dll
2013-12-02 11:08 - 2013-12-02 11:08 - 000195072 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtSql_mw_x86_4.dll
2013-12-02 11:06 - 2013-12-02 11:06 - 000341504 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtXml_mw_x86_4.dll
2013-12-02 11:47 - 2013-12-02 11:47 - 002568704 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtXmlPatterns_mw_x86_4.dll
2019-02-10 15:03 - 2019-02-10 15:03 - 004715520 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\a9a6d50bf504df3daf576c3dac1d6832\DiscSoft.NET.Common.ni.dll
2019-02-10 15:03 - 2019-02-10 15:03 - 005184512 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLite\2250bb7c0271f32e8b180883fbcf450a\DTLite.ni.exe
2019-02-10 15:03 - 2019-02-10 15:03 - 000139264 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLiteHelper\8d2e2b2a7e36be9f2ee6a439e8055224\DTLiteHelper.ni.exe
2014-01-13 08:02 - 2014-01-13 08:02 - 000092160 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
2014-03-28 13:47 - 2014-03-28 13:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 13:29 - 2014-03-28 13:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 13:32 - 2014-03-28 13:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2014-05-14 21:07 - 2014-05-14 21:07 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2013-08-07 01:34 - 2013-08-07 01:34 - 000312448 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
2014-03-28 13:39 - 2014-03-28 13:39 - 000088064 _____ (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
2014-03-28 13:48 - 2014-03-28 13:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 000456192 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\EAC MW klient\libcurl.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 001212928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\LIBEAY32.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 000276480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\SSLEAY32.dll
2019-03-15 22:11 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-04-06 21:09 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\EAC MW klient\
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img1.jpg
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\Desktop\thailand-rocks-sea-islands-tropical-islands.jpg
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\Desktop\thailand-rocks-sea-islands-tropical-islands.jpg
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F67644CA-875C-41FD-B753-E60102FEEC1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B88B347-C45C-4913-950C-4EEB5CDF8483}] => (Allow) LPort=2869
FirewallRules: [{C2F6A5D3-30BC-491C-841E-C84952038C16}] => (Allow) LPort=1900
FirewallRules: [{DE37F22C-1F1F-4BFE-B536-E0757363EE8B}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{3EF1A830-F1E2-47B7-8EA5-48D60E423858}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{9E090B11-A18D-4F85-8CD8-0D85BFAC2EBA}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{6177F9F7-DE33-4C1F-8527-EEC4CCFBF352}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{5DEFEF1B-B37B-462F-ADE0-8A34FA02ADF6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D0387780-2DE4-49E1-9CBF-3D2414830580}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D431329B-D09A-4282-8631-06D816A00277}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{57C42B9C-7FE4-4ED6-8BD6-B651A7611899}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{12402D8B-0384-4734-9351-111DAA018747}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F9791160-D0CE-4DC3-8425-377AFCE38151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C8D351A2-DBCD-4ECA-BD46-AE8BF5B2C93E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{B0EBEF5B-3430-47C8-96EA-4D4667C4A327}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{37BEBA28-F63A-4EC9-B5C4-D778821B5347}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{4F042218-15C4-4884-B216-74741DE633F0}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{C7B7A15C-058E-4B26-9B63-2576B7CE5F41}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{1DBBB65B-A7D6-4DB2-B39F-D14FD7DB1570}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{253A5442-E3EB-4A96-95DA-E8FFB2C9F240}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{093DB0A9-5CE6-49DF-B117-4B5B48878E35}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{90B1690E-830C-46EB-A7D4-83C1A648DE35}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAA73C8E-CA2D-4DFE-99BB-65DB147190B4}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8E99C710-097E-4206-BFC8-E771BC7ECD2C}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{54071ADC-31C0-45AA-96AB-67B4B747E51D}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{27F87BCC-CC04-4F0F-8DCE-5F85D95D7342}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9E4C76B-3ABC-48E7-9640-488AFB95A371}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA6B2B49-2D75-4E07-A50B-64041064266A}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDD065F2-DDE2-4951-AD48-8388BCF34A98}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{395CFDA6-88EB-439D-9112-28EB75451008}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9B3228EE-8325-46C6-A6FF-06F2112E8331}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

18-05-2019 20:59:10 Removed OCAD 2019.
23-05-2019 11:40:58 Removed OCAD 2019.
29-05-2019 17:56:47 Removed OCAD 2019.

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Windows Defender:
===================================
Date: 2019-03-15 20:52:54.957
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2019-03-15 14:15:21.660
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

Date: 2019-03-15 13:56:14.540
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

Date: 2018-10-06 20:06:47.625
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-10-06 20:06:36.351
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2018-12-26 21:22:24.447
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde F.32 11/12/2014
Motherboard: Hewlett-Packard 22CE
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 42%
Total physical RAM: 7112.98 MB
Available physical RAM: 4083.96 MB
Total Virtual: 8264.98 MB
Available Virtual: 5464.04 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.75 GB) (Free:861 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.74 GB) (Free:1.32 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{e7f3f21a-5a19-4fd9-9571-75debd2a7c54}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

Re: PC mojej priatelky

Napsal: 06 čer 2019 20:58
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: PC mojej priatelky

Napsal: 06 čer 2019 21:23
od Sudoku33
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-06-2019
# Duration: 00:00:02
# OS: Windows 8.1
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1279 octets] - [31/03/2019 08:55:20]
AdwCleaner[C00].txt - [1445 octets] - [31/03/2019 08:56:39]
AdwCleaner[S01].txt - [1368 octets] - [31/03/2019 09:05:23]
AdwCleaner[S02].txt - [1429 octets] - [31/03/2019 09:06:32]
AdwCleaner[S03].txt - [1523 octets] - [07/04/2019 18:45:06]
AdwCleaner[C03].txt - [1689 octets] - [07/04/2019 18:45:22]
AdwCleaner[S04].txt - [1612 octets] - [06/06/2019 20:51:01]
AdwCleaner[S05].txt - [1673 octets] - [06/06/2019 22:07:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Re: PC mojej priatelky

Napsal: 07 čer 2019 09:17
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: PC mojej priatelky

Napsal: 07 čer 2019 16:16
od Sudoku33
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2019
Ran by Richard (07-06-2019 17:06:33) Run:2
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard (Available Profiles: Richard & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41AFE415-DC62-4281-AAB8-6DF09AD42D31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41AFE415-DC62-4281-AAB8-6DF09AD42D31}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CF64658-B606-498F-B226-1893F00B5C85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CF64658-B606-498F-B226-1893F00B5C85}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2DD6048-E665-4083-864B-78589C654C0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2DD6048-E665-4083-864B-78589C654C0E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13900019 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 207792 B
Edge => 0 B
Chrome => 9105647 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Richard => 357036 B
Administrator => 0 B

RecycleBin => 0 B
EmptyTemp: => 30.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:07:02 ====

Re: PC mojej priatelky

Napsal: 07 čer 2019 16:53
od Rudy
OK. Reklamy již nevyskakují?

Re: PC mojej priatelky

Napsal: 13 čer 2019 17:27
od Sudoku33
Prepáčťe, bol som Inactive. Reklamy prestali vyskakovať. Ďakujem, môžťe lock :closed: :|

Re: PC mojej priatelky

Napsal: 13 čer 2019 17:52
od Rudy
To jsem rád a nemáte zač! :)