
CPU runs at almost 100%


#1 Post by codie142 »

Hello, I have a problem: most of the time my CPU runs at 100% even when I'm not doing anything on the PC.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2019
Ran by John (administrator) on JOHN-PC (12-07-2019 18:03:06)
Running from C:\Users\John\AppData\Local\Temp\scoped_dir1588_12169
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apache Software Foundation) [File not signed] C:\xampp\apache\bin\httpd.exe
(Apache Software Foundation) [File not signed] C:\xampp\apache\bin\httpd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(MariaDB Corporation Ab -> ) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera_crashreporter.exe
(Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Riot Games, Inc. -> ) C:\Riot Games\League of Legends\LeagueClient.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] () [File not signed]
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [AvastBrowserAutoLaunch_D39FDF68DE73058B395809CCEB6C0150] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-28] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9D12E3-3DCF-40E3-80B9-803013CD2C22} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {20F2855A-9B28-4022-99B6-36E4DB6293AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {77064960-AE74-4218-80A6-5D2E16039A6D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D7E6AF0-44BB-402D-8C2C-A835EF2CFD2D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {9124367A-90C1-401F-99FD-79EA7552AA01} - System32\Tasks\AdobeGCInvoker-1.0-John-PC-John => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {9D6C3930-F621-4296-A748-5865083AD527} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A30993DD-B4C8-45A6-B8B7-83DDFCF1B0D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B1D77E51-7D67-444E-B3F5-61FD2F00823D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-29] (Adobe Inc. -> Adobe)
Task: {B7A4BB3A-B24E-42D8-9830-1D21197540A8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {EBC23B6F-5E09-43B9-A2B5-964A74F04CFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F5D2FE26-6C34-457B-A652-1E96E58C6E01} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {FE05E3C4-0EEA-458C-9464-41A491FBEE03} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54287F57-F62E-4A77-887F-98CFD53339ED}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1477436-BDB7-43DB-8368-4FEBFCEBABA8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dpdx1dpi.default
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default [2019-07-12]
FF NetworkProxy: Mozilla\Firefox\Profiles\dpdx1dpi.default -> backup.ftp", "127.0.0.1"
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\@flash_debugger.xpi [2019-07-01]
FF Extension: (ETP Search Volume Study) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-07-12]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\sp@avast.com.xpi [2019-01-23]
FF Extension: (Avast Online Security) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDDB91BBD-BA11-4584-980A-F18600097BBE&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321897&octid ... google.com"
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2019-07-12]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-04]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2019-07-03]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-06-12]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-15]
CHR Extension: (DarkOrbit SID Login) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkcmijdllamjcbfeeheebbphpnbmbco [2019-07-01]
CHR Extension: (Avast Online Security) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-01]
CHR Extension: (Stream Video Downloader) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkngaibigegepnlckfcbecjoilcjbhf [2019-04-01]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2019-02-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR HKU\S-1-5-21-949114339-2066100574-2594248327-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-09-10]
OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2018-05-08]
OPR Extension: (Twitch Now) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2018-02-20]
OPR Extension: (Scripter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hpochgedhgonjnpbepkbnkkibkjigknc [2018-04-19]
OPR Extension: (Direct Currency Converter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2019-06-05]
OPR Extension: (Quasimodo) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbioggfbkfijplhkfhaedclnadjdcbnn [2018-07-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-05-08] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-02-26] (Trace Software International -> )
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-02-26] (Intel(R) Software Development Products -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
S4 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [264704 2018-02-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-05-27] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S4 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2018-04-06] (Popcorn Time) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14346680 2018-05-11] (VMware, Inc. -> )
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549416 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] (Cheat Engine -> )
R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (C-MEDIA ELECTRONICS INC. -> A4Tech Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2016-07-06] (NTONYX Ltd. -> Eugene V. Muzychenko)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [10265032 2018-03-17] (FACE IT LIMITED -> )
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-05-03] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2018-07-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-05-12] (Razer USA Ltd. -> Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer Inc. -> Razer, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2015-02-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [File not signed]
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2019-01-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2019-01-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [213080 2018-06-29] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [222872 2018-06-29] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-06-28] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2018-05-11] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-12 18:02 - 2019-07-12 18:02 - 002095104 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2019-07-12 15:29 - 2019-07-12 15:29 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1 (1).zip
2019-07-12 15:09 - 2019-07-12 15:09 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1.zip
2019-07-12 14:54 - 2019-07-12 14:54 - 000000153 _____ C:\Users\John\Desktop\takt bisnis
2019-07-12 14:36 - 2019-07-12 14:36 - 000004416 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-12 14:33 - 2019-07-12 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-12 11:27 - 2019-07-12 11:27 - 000012666 _____ C:\Users\John\Downloads\GGModule.java
2019-07-11 13:14 - 2019-07-11 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-07-11 13:13 - 2019-06-27 14:52 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-11 13:12 - 2019-07-11 13:12 - 000549416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-07-11 13:12 - 2019-07-11 13:12 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2019-07-10 16:09 - 2019-07-10 16:09 - 000026185 _____ C:\Users\John\Desktop\nastavnie.txt
2019-07-10 13:01 - 2019-07-10 13:01 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign8116301db2c8f574
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsignd534ccc90a41cb79
2019-07-10 12:43 - 2019-07-10 12:43 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign23f218f613a06efe
2019-07-09 09:16 - 2019-07-09 09:16 - 007227870 _____ C:\Users\John\Downloads\launch4j-3.12-win32.exe
2019-07-07 22:30 - 2019-07-07 22:30 - 000000000 ____D C:\Users\John\AppData\Local\www.coderbag.com
2019-07-07 22:29 - 2019-07-07 22:29 - 000000738 _____ C:\Users\Public\Desktop\QuickCPU.lnk
2019-07-07 22:29 - 2019-07-07 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickCPU
2019-07-07 22:04 - 2019-06-12 18:30 - 000000000 ____D C:\Users\John\Desktop\Rust 2019 FPS Pack By Panj
2019-07-07 22:00 - 2019-07-07 22:00 - 002123105 _____ C:\Users\John\Downloads\Rust 2019 FPS Pack By Panj.rar
2019-07-07 11:39 - 2019-07-12 12:45 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta31
2019-07-07 11:38 - 2019-07-07 11:38 - 001214443 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta31.zip
2019-07-07 11:12 - 2019-07-07 11:12 - 000016113 _____ C:\Users\John\Downloads\document.pdf
2019-07-07 10:56 - 2019-07-07 10:56 - 000399348 _____ C:\Users\John\Downloads\DPD_cenník služieb medzinárodná preprava_2019 (1).pdf
2019-07-07 09:46 - 2019-07-12 14:32 - 000003454 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-John-PC-John
2019-07-06 22:59 - 2019-07-06 23:23 - 127056647 _____ C:\Users\John\Downloads\Videohive 11266469 - 140 Flash FX Elements V3.rar.opdownload
2019-07-06 12:21 - 2019-07-06 12:21 - 000000000 ____D C:\Users\John\AppData\Local\GameAnalytics
2019-07-05 12:17 - 2019-07-05 12:17 - 000001080 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2019-07-03 14:56 - 2019-07-03 14:56 - 001214297 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta27.zip
2019-07-03 14:56 - 2019-07-03 14:56 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta27
2019-07-01 17:30 - 2019-07-01 17:33 - 000000000 ____D C:\Program Files (x86)\swiftwire
2019-07-01 17:30 - 2019-07-01 17:30 - 000000000 ____D C:\Users\John\AppData\Roaming\SWFWireDebugger
2019-07-01 10:55 - 2019-07-01 10:55 - 000001249 _____ C:\Users\John\Downloads\settings.ini
2019-07-01 10:39 - 2019-07-01 10:39 - 000202752 _____ () C:\Users\John\Downloads\Corvus.exe
2019-07-01 10:09 - 2019-07-01 10:09 - 000120523 _____ C:\Users\John\Downloads\report_5cfe96194f656_5cfe96194f6a4.pdf
2019-06-30 19:32 - 2019-06-30 19:32 - 000012789 _____ C:\Users\John\Downloads\beastformer.zip
2019-06-29 19:04 - 2019-07-01 14:32 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta22
2019-06-29 19:04 - 2019-06-29 19:04 - 001201064 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta22.zip
2019-06-29 01:44 - 2019-06-29 03:08 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta14
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14.zip
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14 (1).zip
2019-06-29 01:25 - 2019-07-12 14:32 - 000004428 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-29 01:24 - 2019-06-29 01:24 - 001207336 _____ (Adobe Inc) C:\Users\John\Downloads\flashplayer32pp_fa_install.exe
2019-06-28 23:35 - 2019-06-28 23:35 - 001528320 _____ (kernel-panik) C:\Users\John\Downloads\kprm_1.3.exe
2019-06-27 19:51 - 2019-06-27 19:51 - 000001003 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-06-27 19:50 - 2019-06-27 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-06-27 19:48 - 2019-06-27 19:48 - 098862144 _____ (Riot Games, Inc) C:\Users\John\Downloads\League%20of%20Legends%20installer%20NA.exe
2019-06-27 14:53 - 2019-06-27 14:52 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-27 14:53 - 2019-06-27 14:52 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-27 12:35 - 2019-06-27 12:35 - 000000000 ____D C:\Users\John\Desktop\dada
2019-06-26 11:50 - 2019-06-26 11:50 - 000000693 _____ C:\Users\Public\Desktop\Hextech Repair Tool.lnk
2019-06-26 11:49 - 2019-06-26 11:49 - 069902336 _____ C:\Users\John\Downloads\Hextech Repair Tool.msi
2019-06-26 11:46 - 2019-06-26 11:46 - 000002541 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_2210294178_spectate.bat
2019-06-26 10:49 - 2019-06-26 10:49 - 000002545 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_3717436160_replay.bat
2019-06-26 09:07 - 2019-06-26 09:07 - 000000076 _____ C:\Windows\system32\퐀െ
2019-06-24 21:52 - 2019-06-24 22:54 - 678873586 _____ C:\Users\John\Downloads\Bufo Alvarius (2017) ČR.mp4
2019-06-23 19:42 - 2019-06-23 19:42 - 000004446 _____ C:\Users\John\Downloads\2500.m3u8
2019-06-23 11:26 - 2019-07-12 14:32 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-22 22:09 - 2019-06-22 22:09 - 000875891 _____ C:\Users\John\Downloads\a24c6dada83097ef2eb6b38d4fe64aedc09fe61952237989333fd396a9d7284c.zip
2019-06-22 22:09 - 2019-06-22 22:09 - 000875765 _____ C:\Users\John\Downloads\flaggybird.apk
2019-06-19 13:34 - 2019-06-19 13:34 - 000003316 _____ C:\Users\John\Downloads\grafs.txt
2019-06-19 13:34 - 2019-06-19 13:34 - 000002412 _____ C:\Users\John\Downloads\amcharts.editor.html
2019-06-19 12:51 - 2019-06-19 12:51 - 000000897 _____ C:\Users\John\Desktop\desktop - Shortcut.lnk
2019-06-18 21:43 - 2019-06-18 21:43 - 000012202 _____ C:\Users\John\.bash_history
2019-06-17 15:29 - 2019-06-17 15:29 - 000021363 _____ C:\Users\John\Downloads\AdsManagerTemplate_v2.3_sk_SK.xltx
2019-06-17 15:24 - 2019-06-17 15:24 - 000024668 _____ C:\Users\John\Downloads\export_20190617_1524.csv
2019-06-17 15:23 - 2019-06-17 15:37 - 000024668 _____ C:\Users\John\Downloads\export.txt
2019-06-17 15:19 - 2019-06-17 15:21 - 000024512 _____ C:\Users\John\Downloads\export_20190617_1519.csv
2019-06-17 15:18 - 2019-06-17 15:18 - 000080728 _____ C:\Users\John\Downloads\export_20190617_1445.csv
2019-06-16 20:19 - 2019-06-16 20:19 - 000000000 ____D C:\Users\John\Downloads\VeraCrypt
2019-06-15 18:13 - 2019-06-15 18:13 - 004612343 _____ C:\Users\John\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2019-06-15 18:11 - 2019-06-15 18:11 - 003903829 _____ C:\Users\John\Downloads\Age+of+Engineering-1.1.2.zip
2019-06-15 14:56 - 2019-06-15 14:56 - 000001321 _____ C:\Users\John\Downloads\1.13.2-Aristois-Latest.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-12 18:03 - 2017-02-03 16:18 - 000000000 ____D C:\FRST
2019-07-12 17:59 - 2018-02-01 00:19 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2019-07-12 15:54 - 2018-07-29 00:15 - 000000000 ____D C:\Users\John\AppData\Roaming\discord
2019-07-12 15:03 - 2016-06-13 14:01 - 000000000 ____D C:\Users\John\Documents\Visual Studio 2015
2019-07-12 14:53 - 2019-05-31 22:28 - 000001733 _____ C:\Users\John\Desktop\Co pozriet na aute
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:36 - 2018-07-08 21:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-12 14:36 - 2016-10-21 15:21 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-12 14:36 - 2016-10-21 15:21 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-12 14:36 - 2016-06-04 20:55 - 000000000 ____D C:\Users\John\AppData\Local\Adobe
2019-07-12 14:32 - 2019-02-15 21:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-12 14:32 - 2018-09-06 18:43 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-12 14:32 - 2016-06-22 19:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-07-12 13:57 - 2019-01-31 04:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-07-12 11:05 - 2018-06-28 20:47 - 000000000 ____D C:\Users\John\AppData\Local\LogMeIn Hamachi
2019-07-12 10:57 - 2017-03-06 06:53 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-12 10:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-12 02:32 - 2016-06-04 17:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-11 13:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-11 00:50 - 2016-06-05 18:45 - 000000000 ____D C:\Users\John\AppData\Roaming\TS3Client
2019-07-11 00:50 - 2016-06-04 17:49 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-10 15:01 - 2016-07-29 17:42 - 000000000 ____D C:\Users\John\AppData\Roaming\vlc
2019-07-10 15:01 - 2016-06-04 17:36 - 000000000 ____D C:\Users\John\AppData\Roaming\uTorrent
2019-07-10 14:44 - 2016-06-04 16:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-10 13:14 - 2016-06-25 14:18 - 000000000 ____D C:\Program Files\Adobe
2019-07-10 12:51 - 2019-06-04 23:22 - 000000000 ____D C:\Users\John\AppData\Local\BitTorrentHelper
2019-07-09 20:18 - 2019-01-08 16:42 - 000034138 _____ C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-09 10:02 - 2016-06-04 17:53 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-09 09:12 - 2018-11-01 10:47 - 000000000 __SHD C:\Users\Public\DRM
2019-07-07 22:07 - 2017-06-16 15:06 - 000007647 _____ C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-07-06 21:05 - 2019-02-01 11:44 - 000000000 ____D C:\Users\John\Desktop\runy
2019-07-06 21:00 - 2016-06-04 17:39 - 000000000 ___SD C:\Users\John\AppData\LocalLow\Temp
2019-07-06 16:57 - 2017-08-29 08:42 - 000000000 ____D C:\Users\John\AppData\Local\Sublime Text 3
2019-07-06 11:27 - 2016-09-21 22:26 - 000000000 ____D C:\Windows\pss
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-07-06 08:07 - 2019-02-03 10:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-06 02:25 - 2018-07-19 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-05 12:17 - 2016-09-10 18:45 - 000000000 ____D C:\Program Files (x86)\Opera
2019-07-02 10:13 - 2017-02-21 17:47 - 000000000 ____D C:\Users\John\AppData\Roaming\obs-studio
2019-07-01 17:34 - 2016-06-04 20:55 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-07-01 17:30 - 2016-06-04 20:56 - 000000000 ____D C:\Users\John\AppData\Roaming\Adobe
2019-07-01 17:30 - 2016-06-04 20:55 - 000000000 ____D C:\ProgramData\Adobe
2019-07-01 08:55 - 2018-03-12 10:31 - 005069784 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-30 23:03 - 2018-03-11 15:57 - 000102224 _____ C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Roaming\VMware
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Local\VMware
2019-06-30 13:51 - 2016-07-12 10:05 - 000000000 ____D C:\Users\John\.VirtualBox
2019-06-29 12:06 - 2018-07-22 21:47 - 000000000 ____D C:\Users\John\Downloads\FRST-OlderVersion
2019-06-28 11:43 - 2019-04-12 05:45 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-28 11:43 - 2019-04-12 05:45 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-28 11:43 - 2018-03-23 11:25 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-27 23:19 - 2016-07-08 20:13 - 000000000 ____D C:\Users\John\AppData\Roaming\TeamViewer
2019-06-27 14:52 - 2019-01-14 16:28 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-27 14:52 - 2018-10-20 02:00 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-27 14:52 - 2017-11-16 17:05 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-26 11:13 - 2018-02-06 00:34 - 000000000 ____D C:\Users\John\AppData\Roaming\.minecraft
2019-06-22 17:43 - 2018-11-13 18:31 - 000000000 ____D C:\Users\John\AppData\Local\Ubisoft Game Launcher
2019-06-22 00:24 - 2016-06-04 16:16 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:43 - 2016-06-16 20:58 - 000000000 ____D C:\folders shortcut
2019-06-18 21:43 - 2016-06-04 15:57 - 000000000 ____D C:\Users\John
2019-06-13 20:02 - 2016-06-04 20:55 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ================

2018-12-26 12:13 - 2019-02-14 16:38 - 000000033 _____ () C:\Users\John\AppData\Roaming\AdobeWLCMCache.dat
2018-12-26 12:41 - 2018-12-27 15:25 - 000000028 _____ () C:\Users\John\AppData\Roaming\kulerdata.json
2019-01-08 16:42 - 2019-07-09 20:18 - 000034138 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-01-05 03:03 - 2019-01-06 18:26 - 000004634 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterDefault.xml
2016-11-26 22:00 - 2017-09-23 21:52 - 000001480 _____ () C:\Users\John\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-01-06 04:05 - 2017-01-06 04:05 - 000003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-06 09:27 - 2018-09-06 09:27 - 000001111 _____ () C:\Users\John\AppData\Local\gamma_ramp.reg
2018-01-29 00:40 - 2018-06-03 16:05 - 000000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND
2018-07-27 14:26 - 2018-07-27 14:26 - 000000487 _____ () C:\Users\John\AppData\Local\ReclaiMe.config
2017-06-16 15:06 - 2019-07-07 22:07 - 000007647 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-03-04 17:27 - 2019-03-04 17:27 - 000000003 _____ () C:\Users\John\AppData\Local\updater.log
2019-03-04 17:27 - 2019-03-04 17:27 - 000000425 _____ () C:\Users\John\AppData\Local\UserProducts.xml

==================== FLock ================

2017-10-28 00:09 C:\Windows\infpub.dat

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-02 09:57
==================== End of FRST.txt ============================
Attachments
Addition.rar
(9.62 KiB) Downloaded 53 times

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU running at almost 100%

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart, a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

codie142
Visitor
Posts: 3
Registered: 12 Jul 2019 17:46

Re: CPU running at almost 100%

#3 Post by codie142 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-12-2019
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 13
# Failed: 0


***** [ Services ] *****

Deleted Update service

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{09A0F42F-1160-4B6C-9D3B-37A15F60ECDA}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0E408BD1-9465-4B3D-A9D5-C206B8D82947}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{17EA89D8-514B-498B-B188-735661460E3F}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{65E495A2-A54D-4F0D-8864-1008FBD5B2A2}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B79F2B45-9C1D-4604-8FF4-5A73BEA0DE9A}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E505C01C-73B3-4674-8CFB-6732EEED1B97}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://search.conduit.com/?ctid=CT33218 ... 7BBE&SSPV=
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXZ1D81TPZ
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXZ1D81TPZ
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXZ4Y3Y2NT
Deleted http://www.trovi.com/?gd=&ctid=CT332189 ... F073&SSPV=
Deleted http://www.trovi.com/?gd=&ctid=CT332189 ... F073&SSPV=

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3231 octets] - [12/07/2019 19:54:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU running at almost 100%

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

codie142
Visitor
Posts: 3
Registered: 12 Jul 2019 17:46

Re: CPU running at almost 100%

#5 Post by codie142 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2019
Ran by John (administrator) on JOHN-PC (13-07-2019 09:37:29)
Running from C:\Users\John\Downloads
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Java\jre1.8.0_141\bin\javaw.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] () [File not signed]
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [AvastBrowserAutoLaunch_D39FDF68DE73058B395809CCEB6C0150] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-29] (Adobe Inc. -> Adobe)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-28] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9D12E3-3DCF-40E3-80B9-803013CD2C22} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {20F2855A-9B28-4022-99B6-36E4DB6293AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {77064960-AE74-4218-80A6-5D2E16039A6D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D7E6AF0-44BB-402D-8C2C-A835EF2CFD2D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {9124367A-90C1-401F-99FD-79EA7552AA01} - System32\Tasks\AdobeGCInvoker-1.0-John-PC-John => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {9D6C3930-F621-4296-A748-5865083AD527} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A30993DD-B4C8-45A6-B8B7-83DDFCF1B0D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B1D77E51-7D67-444E-B3F5-61FD2F00823D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-29] (Adobe Inc. -> Adobe)
Task: {B7A4BB3A-B24E-42D8-9830-1D21197540A8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {EBC23B6F-5E09-43B9-A2B5-964A74F04CFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F5D2FE26-6C34-457B-A652-1E96E58C6E01} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {FE05E3C4-0EEA-458C-9464-41A491FBEE03} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54287F57-F62E-4A77-887F-98CFD53339ED}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1477436-BDB7-43DB-8368-4FEBFCEBABA8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dpdx1dpi.default
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default [2019-07-13]
FF NetworkProxy: Mozilla\Firefox\Profiles\dpdx1dpi.default -> backup.ftp", "127.0.0.1"
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\@flash_debugger.xpi [2019-07-01]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\sp@avast.com.xpi [2019-01-23]
FF Extension: (Avast Online Security) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... google.com"
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2019-07-12]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-04]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2019-07-03]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-06-12]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-15]
CHR Extension: (DarkOrbit SID Login) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkcmijdllamjcbfeeheebbphpnbmbco [2019-07-01]
CHR Extension: (Avast Online Security) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-01]
CHR Extension: (Stream Video Downloader) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkngaibigegepnlckfcbecjoilcjbhf [2019-04-01]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2019-02-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR HKU\S-1-5-21-949114339-2066100574-2594248327-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-09-10]
OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2018-05-08]
OPR Extension: (Twitch Now) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2018-02-20]
OPR Extension: (Scripter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hpochgedhgonjnpbepkbnkkibkjigknc [2018-04-19]
OPR Extension: (Direct Currency Converter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2019-06-05]
OPR Extension: (Quasimodo) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbioggfbkfijplhkfhaedclnadjdcbnn [2018-07-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-05-08] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-02-26] (Trace Software International -> )
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-02-26] (Intel(R) Software Development Products -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
S4 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [264704 2018-02-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-05-27] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S4 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14346680 2018-05-11] (VMware, Inc. -> )
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549416 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] (Cheat Engine -> )
R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (C-MEDIA ELECTRONICS INC. -> A4Tech Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2016-07-06] (NTONYX Ltd. -> Eugene V. Muzychenko)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [10265032 2018-03-17] (FACE IT LIMITED -> )
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-05-03] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2018-07-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-05-12] (Razer USA Ltd. -> Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer Inc. -> Razer, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2015-02-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [File not signed]
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2019-01-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2019-01-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [213080 2018-06-29] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [222872 2018-06-29] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-06-28] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2018-05-11] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-13 09:36 - 2019-07-13 09:37 - 000000000 ____D C:\Users\John\Desktop\rstasdf
2019-07-12 19:54 - 2019-07-12 19:55 - 000000000 ____D C:\AdwCleaner
2019-07-12 19:54 - 2019-07-12 19:54 - 007025360 _____ (Malwarebytes) C:\Users\John\Downloads\AdwCleaner.exe
2019-07-12 18:02 - 2019-07-12 18:02 - 002095104 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2019-07-12 15:29 - 2019-07-12 15:29 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1 (1).zip
2019-07-12 15:09 - 2019-07-12 15:09 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1.zip
2019-07-12 14:54 - 2019-07-12 14:54 - 000000153 _____ C:\Users\John\Desktop\takt bisnis
2019-07-12 14:36 - 2019-07-12 14:36 - 000004416 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-12 14:33 - 2019-07-12 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-12 11:27 - 2019-07-12 11:27 - 000012666 _____ C:\Users\John\Downloads\GGModule.java
2019-07-11 13:14 - 2019-07-11 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-07-11 13:13 - 2019-06-27 14:52 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-11 13:12 - 2019-07-11 13:12 - 000549416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-07-11 13:12 - 2019-07-11 13:12 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2019-07-10 16:09 - 2019-07-10 16:09 - 000026185 _____ C:\Users\John\Desktop\nastavnie.txt
2019-07-10 13:01 - 2019-07-10 13:01 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign8116301db2c8f574
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsignd534ccc90a41cb79
2019-07-10 12:43 - 2019-07-10 12:43 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign23f218f613a06efe
2019-07-09 09:16 - 2019-07-09 09:16 - 007227870 _____ C:\Users\John\Downloads\launch4j-3.12-win32.exe
2019-07-07 22:30 - 2019-07-07 22:30 - 000000000 ____D C:\Users\John\AppData\Local\www.coderbag.com
2019-07-07 22:29 - 2019-07-07 22:29 - 000000738 _____ C:\Users\Public\Desktop\QuickCPU.lnk
2019-07-07 22:29 - 2019-07-07 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickCPU
2019-07-07 22:04 - 2019-06-12 18:30 - 000000000 ____D C:\Users\John\Desktop\Rust 2019 FPS Pack By Panj
2019-07-07 22:00 - 2019-07-07 22:00 - 002123105 _____ C:\Users\John\Downloads\Rust 2019 FPS Pack By Panj.rar
2019-07-07 11:39 - 2019-07-12 12:45 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta31
2019-07-07 11:38 - 2019-07-07 11:38 - 001214443 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta31.zip
2019-07-07 11:12 - 2019-07-07 11:12 - 000016113 _____ C:\Users\John\Downloads\document.pdf
2019-07-07 10:56 - 2019-07-07 10:56 - 000399348 _____ C:\Users\John\Downloads\DPD_cenník služieb medzinárodná preprava_2019 (1).pdf
2019-07-07 09:46 - 2019-07-12 14:32 - 000003454 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-John-PC-John
2019-07-06 22:59 - 2019-07-06 23:23 - 127056647 _____ C:\Users\John\Downloads\Videohive 11266469 - 140 Flash FX Elements V3.rar.opdownload
2019-07-06 12:21 - 2019-07-06 12:21 - 000000000 ____D C:\Users\John\AppData\Local\GameAnalytics
2019-07-05 12:17 - 2019-07-05 12:17 - 000001080 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2019-07-03 14:56 - 2019-07-03 14:56 - 001214297 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta27.zip
2019-07-03 14:56 - 2019-07-03 14:56 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta27
2019-07-01 17:30 - 2019-07-01 17:33 - 000000000 ____D C:\Program Files (x86)\swiftwire
2019-07-01 17:30 - 2019-07-01 17:30 - 000000000 ____D C:\Users\John\AppData\Roaming\SWFWireDebugger
2019-07-01 10:55 - 2019-07-01 10:55 - 000001249 _____ C:\Users\John\Downloads\settings.ini
2019-07-01 10:39 - 2019-07-01 10:39 - 000202752 _____ () C:\Users\John\Downloads\Corvus.exe
2019-07-01 10:09 - 2019-07-01 10:09 - 000120523 _____ C:\Users\John\Downloads\report_5cfe96194f656_5cfe96194f6a4.pdf
2019-06-30 19:32 - 2019-06-30 19:32 - 000012789 _____ C:\Users\John\Downloads\beastformer.zip
2019-06-29 19:04 - 2019-07-01 14:32 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta22
2019-06-29 19:04 - 2019-06-29 19:04 - 001201064 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta22.zip
2019-06-29 01:44 - 2019-06-29 03:08 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta14
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14.zip
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14 (1).zip
2019-06-29 01:25 - 2019-07-12 14:32 - 000004428 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-29 01:24 - 2019-06-29 01:24 - 001207336 _____ (Adobe Inc) C:\Users\John\Downloads\flashplayer32pp_fa_install.exe
2019-06-28 23:35 - 2019-06-28 23:35 - 001528320 _____ (kernel-panik) C:\Users\John\Downloads\kprm_1.3.exe
2019-06-27 19:51 - 2019-06-27 19:51 - 000001003 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-06-27 19:50 - 2019-06-27 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-06-27 19:48 - 2019-06-27 19:48 - 098862144 _____ (Riot Games, Inc) C:\Users\John\Downloads\League%20of%20Legends%20installer%20NA.exe
2019-06-27 14:53 - 2019-06-27 14:52 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-27 14:53 - 2019-06-27 14:52 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-27 12:35 - 2019-06-27 12:35 - 000000000 ____D C:\Users\John\Desktop\dada
2019-06-26 11:50 - 2019-06-26 11:50 - 000000693 _____ C:\Users\Public\Desktop\Hextech Repair Tool.lnk
2019-06-26 11:49 - 2019-06-26 11:49 - 069902336 _____ C:\Users\John\Downloads\Hextech Repair Tool.msi
2019-06-26 11:46 - 2019-06-26 11:46 - 000002541 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_2210294178_spectate.bat
2019-06-26 10:49 - 2019-06-26 10:49 - 000002545 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_3717436160_replay.bat
2019-06-26 09:07 - 2019-06-26 09:07 - 000000076 _____ C:\Windows\system32\퐀െ
2019-06-24 21:52 - 2019-06-24 22:54 - 678873586 _____ C:\Users\John\Downloads\Bufo Alvarius (2017) ČR.mp4
2019-06-23 19:42 - 2019-06-23 19:42 - 000004446 _____ C:\Users\John\Downloads\2500.m3u8
2019-06-23 11:26 - 2019-07-12 14:32 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-22 22:09 - 2019-06-22 22:09 - 000875891 _____ C:\Users\John\Downloads\a24c6dada83097ef2eb6b38d4fe64aedc09fe61952237989333fd396a9d7284c.zip
2019-06-22 22:09 - 2019-06-22 22:09 - 000875765 _____ C:\Users\John\Downloads\flaggybird.apk
2019-06-19 13:34 - 2019-06-19 13:34 - 000003316 _____ C:\Users\John\Downloads\grafs.txt
2019-06-19 13:34 - 2019-06-19 13:34 - 000002412 _____ C:\Users\John\Downloads\amcharts.editor.html
2019-06-19 12:51 - 2019-06-19 12:51 - 000000897 _____ C:\Users\John\Desktop\desktop - Shortcut.lnk
2019-06-18 21:43 - 2019-06-18 21:43 - 000012202 _____ C:\Users\John\.bash_history
2019-06-17 15:29 - 2019-06-17 15:29 - 000021363 _____ C:\Users\John\Downloads\AdsManagerTemplate_v2.3_sk_SK.xltx
2019-06-17 15:24 - 2019-06-17 15:24 - 000024668 _____ C:\Users\John\Downloads\export_20190617_1524.csv
2019-06-17 15:23 - 2019-06-17 15:37 - 000024668 _____ C:\Users\John\Downloads\export.txt
2019-06-17 15:19 - 2019-06-17 15:21 - 000024512 _____ C:\Users\John\Downloads\export_20190617_1519.csv
2019-06-17 15:18 - 2019-06-17 15:18 - 000080728 _____ C:\Users\John\Downloads\export_20190617_1445.csv
2019-06-16 20:19 - 2019-06-16 20:19 - 000000000 ____D C:\Users\John\Downloads\VeraCrypt
2019-06-15 18:13 - 2019-06-15 18:13 - 004612343 _____ C:\Users\John\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2019-06-15 18:11 - 2019-06-15 18:11 - 003903829 _____ C:\Users\John\Downloads\Age+of+Engineering-1.1.2.zip
2019-06-15 14:56 - 2019-06-15 14:56 - 000001321 _____ C:\Users\John\Downloads\1.13.2-Aristois-Latest.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-13 09:40 - 2018-05-27 14:28 - 000029324 _____ C:\Users\John\Downloads\FRST.txt
2019-07-13 09:37 - 2017-02-03 16:18 - 000000000 ____D C:\FRST
2019-07-12 17:59 - 2018-02-01 00:19 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2019-07-12 15:54 - 2018-07-29 00:15 - 000000000 ____D C:\Users\John\AppData\Roaming\discord
2019-07-12 15:03 - 2016-06-13 14:01 - 000000000 ____D C:\Users\John\Documents\Visual Studio 2015
2019-07-12 14:53 - 2019-05-31 22:28 - 000001733 _____ C:\Users\John\Desktop\Co pozriet na aute
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:36 - 2018-07-08 21:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-12 14:36 - 2016-10-21 15:21 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-12 14:36 - 2016-10-21 15:21 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-12 14:36 - 2016-06-04 20:55 - 000000000 ____D C:\Users\John\AppData\Local\Adobe
2019-07-12 14:32 - 2019-02-15 21:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-12 14:32 - 2018-09-06 18:43 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-12 14:32 - 2016-06-22 19:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-07-12 13:57 - 2019-01-31 04:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-07-12 11:05 - 2018-06-28 20:47 - 000000000 ____D C:\Users\John\AppData\Local\LogMeIn Hamachi
2019-07-12 10:57 - 2017-03-06 06:53 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-12 10:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-12 02:32 - 2016-06-04 17:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-11 13:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-11 00:50 - 2016-06-05 18:45 - 000000000 ____D C:\Users\John\AppData\Roaming\TS3Client
2019-07-11 00:50 - 2016-06-04 17:49 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-10 15:01 - 2016-07-29 17:42 - 000000000 ____D C:\Users\John\AppData\Roaming\vlc
2019-07-10 15:01 - 2016-06-04 17:36 - 000000000 ____D C:\Users\John\AppData\Roaming\uTorrent
2019-07-10 14:44 - 2016-06-04 16:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-10 13:14 - 2016-06-25 14:18 - 000000000 ____D C:\Program Files\Adobe
2019-07-10 12:51 - 2019-06-04 23:22 - 000000000 ____D C:\Users\John\AppData\Local\BitTorrentHelper
2019-07-09 20:18 - 2019-01-08 16:42 - 000034138 _____ C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-09 10:02 - 2016-06-04 17:53 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-09 09:12 - 2018-11-01 10:47 - 000000000 __SHD C:\Users\Public\DRM
2019-07-07 22:07 - 2017-06-16 15:06 - 000007647 _____ C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-07-06 21:05 - 2019-02-01 11:44 - 000000000 ____D C:\Users\John\Desktop\runy
2019-07-06 21:00 - 2016-06-04 17:39 - 000000000 ___SD C:\Users\John\AppData\LocalLow\Temp
2019-07-06 16:57 - 2017-08-29 08:42 - 000000000 ____D C:\Users\John\AppData\Local\Sublime Text 3
2019-07-06 11:27 - 2016-09-21 22:26 - 000000000 ____D C:\Windows\pss
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-07-06 08:07 - 2019-02-03 10:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-06 02:25 - 2018-07-19 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-05 12:17 - 2016-09-10 18:45 - 000000000 ____D C:\Program Files (x86)\Opera
2019-07-02 10:13 - 2017-02-21 17:47 - 000000000 ____D C:\Users\John\AppData\Roaming\obs-studio
2019-07-01 17:34 - 2016-06-04 20:55 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-07-01 17:30 - 2016-06-04 20:56 - 000000000 ____D C:\Users\John\AppData\Roaming\Adobe
2019-07-01 17:30 - 2016-06-04 20:55 - 000000000 ____D C:\ProgramData\Adobe
2019-07-01 08:55 - 2018-03-12 10:31 - 005069784 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-30 23:03 - 2018-03-11 15:57 - 000102224 _____ C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Roaming\VMware
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Local\VMware
2019-06-30 13:51 - 2016-07-12 10:05 - 000000000 ____D C:\Users\John\.VirtualBox
2019-06-29 12:06 - 2018-07-22 21:47 - 000000000 ____D C:\Users\John\Downloads\FRST-OlderVersion
2019-06-28 11:43 - 2019-04-12 05:45 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-28 11:43 - 2019-04-12 05:45 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-28 11:43 - 2018-03-23 11:25 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-27 23:19 - 2016-07-08 20:13 - 000000000 ____D C:\Users\John\AppData\Roaming\TeamViewer
2019-06-27 14:52 - 2019-01-14 16:28 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-27 14:52 - 2018-10-20 02:00 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-27 14:52 - 2017-11-16 17:05 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-26 11:13 - 2018-02-06 00:34 - 000000000 ____D C:\Users\John\AppData\Roaming\.minecraft
2019-06-22 17:43 - 2018-11-13 18:31 - 000000000 ____D C:\Users\John\AppData\Local\Ubisoft Game Launcher
2019-06-22 00:24 - 2016-06-04 16:16 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:43 - 2016-06-16 20:58 - 000000000 ____D C:\folders shortcut
2019-06-18 21:43 - 2016-06-04 15:57 - 000000000 ____D C:\Users\John
2019-06-13 20:02 - 2016-06-04 20:55 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ================

2018-12-26 12:13 - 2019-02-14 16:38 - 000000033 _____ () C:\Users\John\AppData\Roaming\AdobeWLCMCache.dat
2018-12-26 12:41 - 2018-12-27 15:25 - 000000028 _____ () C:\Users\John\AppData\Roaming\kulerdata.json
2019-01-08 16:42 - 2019-07-09 20:18 - 000034138 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-01-05 03:03 - 2019-01-06 18:26 - 000004634 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterDefault.xml
2016-11-26 22:00 - 2017-09-23 21:52 - 000001480 _____ () C:\Users\John\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-01-06 04:05 - 2017-01-06 04:05 - 000003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-06 09:27 - 2018-09-06 09:27 - 000001111 _____ () C:\Users\John\AppData\Local\gamma_ramp.reg
2018-01-29 00:40 - 2018-06-03 16:05 - 000000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND
2018-07-27 14:26 - 2018-07-27 14:26 - 000000487 _____ () C:\Users\John\AppData\Local\ReclaiMe.config
2017-06-16 15:06 - 2019-07-07 22:07 - 000007647 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-03-04 17:27 - 2019-03-04 17:27 - 000000003 _____ () C:\Users\John\AppData\Local\updater.log
2019-03-04 17:27 - 2019-03-04 17:27 - 000000425 _____ () C:\Users\John\AppData\Local\UserProducts.xml

==================== FLock ================

2017-10-28 00:09 C:\Windows\infpub.dat

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-02 09:57
==================== End of FRST.txt ============================
Attachments
Addition.rar
(45.77 KiB) Downloaded 61 times

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU running at almost 100%

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {F5D2FE26-6C34-457B-A652-1E96E58C6E01} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
C:\Users\John\AppData\Local\Tempzxpsign8116301db2c8f574
C:\Users\John\AppData\Local\Tempzxpsignd534ccc90a41cb79
C:\Users\John\AppData\Local\Tempzxpsign23f218f613a06efe
C:\Windows\system32\퐀െ
C:\Users\John\AppData\LocalLow\Temp
C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
FirewallRules: [TCP Query User{5226ADAC-6FAA-41E7-B770-208A682DCA19}C:\folders shortcut\downloads 2\anydesk (1).exe] => (Allow) C:\folders shortcut\downloads 2\anydesk (1).exe No File
FirewallRules: [UDP Query User{733B039C-7736-4043-98CC-0CAABC6F58AB}C:\folders shortcut\downloads 2\anydesk (1).exe] => (Allow) C:\folders shortcut\downloads 2\anydesk (1).exe No File
FirewallRules: [{2BD2A10B-4619-43F6-8742-16FE0CEEC6C9}] => (Block) C:\folders shortcut\downloads 2\anydesk (1).exe No File
FirewallRules: [{6C77169E-C246-4364-829F-72D370B00328}] => (Block) C:\folders shortcut\downloads 2\anydesk (1).exe No File

Hosts:
EmptyTemp:
End
Save it to C:\Users\John\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
