Dobrý den, může mi prosím někdo poradit se zavirovaným počítačem? Nemůžu se už nějakou dobu dostat do emailu a do některých aplikací (hry, programy) a navíc jsem zjistil že je na mě napojený nějaký neznámý účet. Když jsem řešil problém s chrome_elf.dll (nejdou kvůli tomu spustit nějaké aplikace) narazil jsem na neznámý účet který tento soubor ovládá (přiložené foto). Potřeboval bych poradit jak počítač pročistit a vše opravit. Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Tom78 (administrator) on STROJ (ASUS All Series) (18-07-2019 21:26:47)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MPC-HC Team) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Tom78\AppData\Local\Programs\Opera\62.0.3331.72\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Shell] c:\windows\system32\explorer.exe [2616320 2017-06-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] () [File not signed]
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16442096 2018-07-20] (A FOUR TECH CO., LTD. -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DA61B7B-4010-4682-A6B6-79107AE7F5BE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14AC9ED5-16D1-440E-80F7-2831842C07BE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CE3C2ED-DD67-4E9F-84A2-42AFFFD6C3AB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {30C84C42-22D2-4D32-9883-21C60CF3C137} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35CB327F-6E9E-4873-9EBD-2E148F87CCBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-10] (Adobe Inc. -> Adobe)
Task: {5AA301E4-AD64-4B3C-AEAA-DEFB1A0498AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe)
Task: {67DC3216-99AD-47FE-AC88-EA2B7944CBC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BF9A69D-C5CE-4ECA-991F-A5EE7234A1D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6C92F902-187A-4398-9BEE-903B7D923BD3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {81E2514D-5420-4D16-91FF-78B9027A7499} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83640DE0-F799-4646-A817-2B7774271A77} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A81FFF11-86E8-4DFE-A437-9A77957E25A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-20] (Piriform Ltd -> Piriform Ltd)
Task: {AD79FC5C-F5A7-4B2C-8D49-4854FE1DCB67} - System32\Tasks\Opera scheduled Autoupdate 1561384036 => C:\Users\Tom78\AppData\Local\Programs\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {BFA9E04A-7707-41A3-90AA-90BFB8BC5C80} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C15291D0-0646-4389-8945-1FF047B0D0B1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B0B22A-67C2-4563-BAD1-7D4B80586525} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
Task: {D41C3A75-4D42-4AB1-B670-7E43E0D790A7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E168FA3D-060D-44FB-83EE-10F7A0B83CED} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F0531922-22F4-4231-BAE6-CF86DB2ECDFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.73.101.1 8.8.4.4
Tcpip\..\Interfaces\{3E23E901-49BD-4232-B46C-DCEB20E89345}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{54FFDA33-F641-4D2B-8030-41EF90A57627}: [DhcpNameServer] 185.73.101.1 8.8.4.4
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FireFox:
========
FF DefaultProfile: 0xsqg3cl.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default [2019-07-18]
FF Session Restore: Mozilla\Firefox\Profiles\0xsqg3cl.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\sp@avast.com.xpi [2019-06-28]
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\uBlock0@raymondhill.net.xpi [2019-07-09]
FF Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\wrc@avast.com.xpi [2019-07-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-18] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-18] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default [2019-07-18]
CHR Extension: (Prezentace) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-24]
CHR Extension: (Dokumenty) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-24]
CHR Extension: (Disk Google) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-24]
CHR Extension: (YouTube) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-24]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-24]
CHR Extension: (Tabulky) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-24]
CHR Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-24]
CHR Extension: (uBlock Plus Adblocker) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2019-06-24]
CHR Extension: (Gmail) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Tom78\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-06-24]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-05-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-06-12] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7170632 2019-06-12] (GOG Sp. z o.o. -> GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [84960 2017-06-13] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Microsoft Windows -> Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [227248 2017-10-30] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Disc Soft Ltd -> Duplex Secure Ltd.)
U3 axkb2rrk; C:\Windows\System32\Drivers\axkb2rrk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 21:26 - 2019-07-18 21:27 - 000023703 _____ C:\Users\Tom78\Desktop\FRST.txt
2019-07-18 21:26 - 2019-07-18 21:26 - 000000000 ____D C:\FRST
2019-07-18 21:25 - 2019-07-18 21:25 - 002095104 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2019-07-18 17:51 - 2019-07-18 21:10 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-18 17:51 - 2019-07-18 21:10 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-18 17:51 - 2019-07-18 17:51 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-18 17:51 - 2019-07-18 17:51 - 000002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-16 02:22 - 2019-07-16 02:22 - 000000000 ____D C:\Users\Tom78\Documents\TPFSM
2019-07-16 02:18 - 2019-07-16 02:18 - 000000769 _____ C:\Users\Tom78\Desktop\Transport Fever.lnk
2019-07-16 02:18 - 2019-07-16 02:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2019-07-15 17:57 - 2019-07-15 17:57 - 000000931 _____ C:\Users\Tom78\Desktop\SOVIET.lnk
2019-07-14 20:51 - 2019-07-14 20:51 - 000001012 _____ C:\Users\Tom78\Desktop\SUPERNATURAL (Lovci Duchů).lnk
2019-07-13 14:42 - 2019-07-13 14:42 - 000001123 _____ C:\Users\Public\Desktop\Workers Resources Soviet Republic.lnk
2019-07-13 14:42 - 2019-07-13 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Workers Resources Soviet Republic
2019-07-13 11:49 - 2019-07-13 11:48 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-13 11:49 - 2019-07-13 11:48 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-13 11:49 - 2019-07-13 11:48 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-11 00:15 - 2019-07-18 00:09 - 000001373 _____ C:\Users\Tom78\Desktop\Settlers_online_X.txt
2019-07-05 00:59 - 2019-07-05 00:59 - 000001354 _____ C:\Users\Public\Desktop\Apowersoft Video Konvertor.lnk
2019-07-05 00:59 - 2019-07-05 00:59 - 000000000 ____D C:\usr
2019-07-05 00:59 - 2019-07-05 00:59 - 000000000 ____D C:\Users\Tom78\Documents\Apowersoft
2019-07-05 00:59 - 2019-07-05 00:59 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Apowersoft
2019-07-05 00:59 - 2019-07-05 00:59 - 000000000 ____D C:\Users\Tom78\AppData\Local\Apowersoft
2019-07-05 00:59 - 2019-07-05 00:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2019-07-05 00:59 - 2018-12-19 21:44 - 000370424 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2019-07-05 00:59 - 2018-12-19 21:44 - 000282360 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\wpcap.dll
2019-07-05 00:59 - 2018-12-19 21:44 - 000107768 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2019-07-05 00:59 - 2018-12-19 21:44 - 000098040 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\Packet.dll
2019-07-05 00:59 - 2018-12-19 21:44 - 000053299 _____ C:\Windows\SysWOW64\pthreadVC.dll
2019-07-05 00:59 - 2018-12-19 21:44 - 000036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2019-07-05 00:58 - 2019-07-05 00:59 - 000000000 ____D C:\ProgramData\Apowersoft
2019-07-05 00:58 - 2019-07-05 00:58 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2019-06-26 14:29 - 2019-06-26 14:29 - 000000000 ____D C:\chrome_cache
2019-06-24 21:50 - 2019-06-24 21:57 - 000000000 ____D C:\Users\Tom78\AppData\Local\Thunderbird
2019-06-24 21:50 - 2019-06-24 21:50 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Thunderbird
2019-06-24 15:47 - 2019-06-26 01:39 - 000004042 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1561384036
2019-06-24 15:47 - 2019-06-25 15:23 - 000001356 _____ C:\Users\Tom78\Desktop\Prohlížeč Opera.lnk
2019-06-24 15:47 - 2019-06-24 15:47 - 000001282 _____ C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-06-24 15:47 - 2019-06-24 15:47 - 000000000 ____D C:\Users\Tom78\AppData\Local\Opera Software
2019-06-24 15:46 - 2019-06-24 15:46 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Opera Software
2019-06-19 23:25 - 2019-07-10 15:32 - 038595778 _____ C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-06-19 23:25 - 2019-06-19 23:25 - 000332800 _____ C:\Users\Tom78\AppData\Roaming\patcher.dll
2019-06-19 22:08 - 2019-06-19 22:08 - 000000656 _____ C:\Users\Tom78\Desktop\YouTube – zástupce.lnk
2019-06-18 18:08 - 2019-06-18 18:08 - 000001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-06-18 18:03 - 2019-06-18 18:03 - 000002085 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-06-18 18:03 - 2019-06-18 18:03 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\AVAST Software
2019-06-18 18:03 - 2019-06-18 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-06-18 18:02 - 2019-07-13 11:49 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-18 18:02 - 2019-07-13 11:48 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-18 18:02 - 2019-07-13 11:48 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-06-18 18:01 - 2019-06-18 18:01 - 000000000 ____D C:\Program Files\AVAST Software
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 21:16 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-18 21:16 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-18 21:10 - 2019-06-05 17:43 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2019-06-05 17:43 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2019-06-05 17:43 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2019-06-05 17:43 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2018-11-20 18:48 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-18 21:10 - 2018-08-23 20:18 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2018-08-23 20:18 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2018-08-23 20:18 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2018-08-23 20:18 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2018-03-01 20:55 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-07-18 21:10 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2018-02-14 12:32 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-18 21:10 - 2016-11-06 23:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-07-18 17:51 - 2017-10-04 15:46 - 000000000 ____D C:\Program Files (x86)\Google
2019-07-18 14:48 - 2017-11-08 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-18 14:46 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-18 00:12 - 2018-09-10 15:27 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2019-07-16 02:38 - 2018-10-18 14:48 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Transport Fever
2019-07-16 02:18 - 2016-12-05 17:23 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-07-16 02:08 - 2016-12-04 15:14 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\uTorrent
2019-07-15 16:52 - 2017-11-16 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-15 01:00 - 2019-03-15 23:36 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2019-07-12 13:31 - 2016-12-31 13:53 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\vlc
2019-07-11 15:30 - 2017-11-09 22:20 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\obs-studio
2019-07-10 19:14 - 2019-06-05 13:28 - 000000000 ____D C:\Users\Tom78\AppData\Local\ElevatedDiagnostics
2019-07-10 14:27 - 2017-11-08 14:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-10 02:38 - 2018-03-01 20:55 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-10 02:38 - 2017-06-30 22:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-10 02:38 - 2017-06-30 22:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-10 02:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-10 02:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-10 01:38 - 2018-03-13 15:15 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-09 15:14 - 2017-11-08 14:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-09 15:13 - 2017-11-08 14:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-09 15:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-05 23:45 - 2016-11-17 23:20 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-07-05 01:00 - 2017-11-08 14:27 - 000000000 ____D C:\Users\Tom78\AppData\Local\NVIDIA
2019-06-28 15:01 - 2019-06-08 13:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-24 15:40 - 2017-10-18 23:32 - 000000000 ____D C:\Users\Tom78\AppData\Local\Google
2019-06-24 14:06 - 2016-12-24 01:19 - 000000000 ____D C:\Users\Tom78\Desktop\Progr
2019-06-22 02:15 - 2019-03-04 19:26 - 000000000 ____D C:\Users\Tom78\Desktop\Plocha2
2019-06-22 00:41 - 2011-04-12 10:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-06-22 00:41 - 2011-04-12 10:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-06-22 00:41 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-19 16:12 - 2016-11-08 20:00 - 000007645 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2019-06-18 18:10 - 2016-11-06 23:17 - 000000000 ____D C:\Program Files\WinRAR
2019-06-18 18:07 - 2016-11-22 00:39 - 000000000 ____D C:\Program Files\IrfanView
2019-06-18 18:07 - 2016-11-06 23:17 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-18 18:07 - 2016-11-06 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-18 18:03 - 2018-06-21 14:14 - 000000000 ____D C:\Users\Tom78\AppData\Local\AVAST Software
2019-06-18 18:01 - 2016-11-06 23:52 - 000000000 ____D C:\ProgramData\AVAST Software
2019-06-18 17:48 - 2019-06-15 21:14 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\TS3Client
2019-06-18 10:59 - 2018-08-23 20:18 - 002785776 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-06-18 10:59 - 2018-08-23 20:18 - 002164080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-06-18 10:59 - 2018-08-23 20:18 - 001316664 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-06-18 10:56 - 2017-11-03 23:28 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
==================== Files in the root of some directories ================
2019-06-19 23:25 - 2019-07-10 15:32 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-06-19 23:25 - 2019-06-19 23:25 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2016-11-08 20:00 - 2019-06-19 16:12 - 000007645 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-07-13 01:05
==================== End of FRST.txt ============================
-----------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Tom78 (18-07-2019 21:27:37)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Apowersoft Video Konvertor V4.8.2 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.2 - APOWERSOFT LIMITED)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Disney Princezna - Kouzelná cesta (HKLM-x32\...\{E375D72E-5343-4F73-986C-1B00C35F1DFC}) (Version: 1.0 - Disney Interactive Studios)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 62.0.3331.72 (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Ovládací panel NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\TeamSpeak 3 Client) (Version: 3.2.5 - TeamSpeak Systems GmbH)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
Transport Fever v.Build 18381 (HKLM-x32\...\Transport Fever_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Workers Resources Soviet Republic (HKLM-x32\...\Workers Resources Soviet Republic_is1) (Version: - torrent-igruha.org)
XMedia Recode verze 3.3.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.8.6 - XMedia Recode)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2018-09-08 16:20 - 2017-04-17 10:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2014-01-10 11:48 - 004260352 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2017-11-02 10:32 - 011374080 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
2017-02-01 14:11 - 2015-10-04 22:12 - 000300544 _____ () [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\libbluray.dll
2017-02-01 14:11 - 2015-10-04 22:12 - 000296448 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVAudio.ax
2017-02-01 14:11 - 2015-10-04 22:12 - 000587776 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVSplitter.ax
2017-02-01 14:11 - 2015-10-04 22:12 - 001153024 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVVideo.ax
2017-02-01 14:11 - 2015-10-04 22:10 - 009806336 _____ (FFmpeg Project) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\avcodec-lav-56.dll
2017-02-01 14:11 - 2015-10-04 22:10 - 000186368 _____ (FFmpeg Project) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\avfilter-lav-5.dll
2017-02-01 14:11 - 2015-10-04 22:10 - 001422336 _____ (FFmpeg Project) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\avformat-lav-56.dll
2017-02-01 14:11 - 2015-10-04 22:10 - 000161280 _____ (FFmpeg Project) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\avresample-lav-2.dll
2017-02-01 14:11 - 2015-10-04 22:10 - 000429568 _____ (FFmpeg Project) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\avutil-lav-54.dll
2017-02-01 14:11 - 2015-10-04 22:10 - 000467968 _____ (FFmpeg Project) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\swscale-lav-3.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2017-02-01 14:11 - 2015-10-18 21:55 - 012075008 _____ (MPC-HC Team) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe
2017-02-01 14:11 - 2015-05-03 19:49 - 002034176 _____ (xy-VSFilter Team) [File not signed] C:\Program Files\Combined Community Codec Pack 64bit\Filters\VSFilter.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\24teen.com -> 24teen.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\30search.com -> 30search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\31234.com -> 31234.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\34yo.com -> 34yo.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\356563.net -> 356563.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\36site.com -> 36site.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4-counter.com -> 4-counter.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4corn.net -> 4corn.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4pokertips.com -> 4pokertips.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\600pics.com -> 600pics.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\69teenage.com -> 69teenage.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\75tz.com -> 75tz.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\777search.com -> 777search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\777top.com -> 777top.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\7adpower.com -> 7adpower.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\888.sooe.cn -> 888.sooe.cn
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\888net.net -> 888net.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\8da.com -> 8da.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\99livecam.com -> 99livecam.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\a2zlinks.com -> a2zlinks.com
There are 1520 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-06-07 01:01 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\common files\acronis\snapapi\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.73.101.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{324F436C-E05F-4C4C-83F0-8F0858B97736}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{952F2547-AC48-4238-80EF-4F7E71AEA8D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{01E02B80-E74B-4178-BBE6-BDB8288DC91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{DA6584F7-F8AE-4CDA-AD16-DEE30ED154F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{02DC5B5A-75DC-4566-8978-E78C971278CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{FAD87EC9-A0A7-4E60-A7A1-A5C7D7E404C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{F2BC386C-9C9F-46CB-B1E7-F201AC7F34F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D330CD6-AE25-43CE-BAAC-321F36A07D7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B4A97B0-3FF6-48E2-B8BA-20472EB33043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8370320D-557F-4A34-8879-38126EB4FD09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
FirewallRules: [{06B1C26B-ED72-467F-888E-D5FBBA1A6373}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7E78973B-823F-45B7-94FB-1213F6BFEE04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D917749C-54C9-4192-A79A-5E2C92E32DF7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{80ABEA09-7889-4B17-AE58-6B692C4AAE90}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8FF2607A-A572-4527-9981-94AD72C474BC}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{48F593F2-6FBF-4C9B-A06C-C25981C71519}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CA76EC64-5D8A-4DF3-87EB-13738D2ABA76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7098BFB6-FA54-4D5F-81F5-244CCD05E301}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{663D8CA7-3262-4823-91F6-971B17C95E14}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{73F67E4B-1974-4E1B-B77A-53D901915C88}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{F0C15B98-2827-4144-8939-CEC6547F7A54}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{899926B8-E8E6-4C74-BD9F-5A4900EFD34E}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{A2354B08-1F5B-4905-9CAE-63B1A7646F2E}] => (Allow) D:\Games\Ubisoft\Tom Clancy's Ghost Recon Wildlands\GRW.exe (Blue Byte GmbH -> )
FirewallRules: [{FFCBC4B6-C676-434D-9D9F-2BEB9C3198DE}] => (Allow) C:\Users\Tom78\AppData\Local\Programs\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C7D3FE2A-984E-457C-B3D7-9AEF3676EF99}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6D9C9F47-D997-463D-A35A-B234B8B5961B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{D5332DC9-8560-466C-A00C-861E902E91F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE2232F8-ABC5-4D41-B834-F18E60C03026}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B66CAC70-54F3-469D-9031-965A2DB2FBE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0006F580-DE43-4F13-A4E7-4B853D8ADB93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{49B3EE46-342F-47AD-AF9C-869D1EBE0353}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\GameLauncher.exe () [File not signed]
FirewallRules: [{70A46686-729C-49E7-9ABA-902648E328EA}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SETUPAPPLICATIONSOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{68A61979-6D83-4996-A572-1EA3BC90FEA3}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SOVIET.exe () [File not signed]
FirewallRules: [{EA221D0D-2E3F-450C-8E4C-56624149A882}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SOVIET64.exe () [File not signed]
FirewallRules: [{583E1AD8-FBF5-447B-B64A-A50163734233}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\GameLauncher.exe () [File not signed]
FirewallRules: [{523C38D8-F972-4BF9-86EB-92C91DD9A728}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SETUPAPPLICATIONSOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{F4028CD7-A732-43F2-88A0-99B450BD2962}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SOVIET.exe () [File not signed]
FirewallRules: [{524E7AF7-733B-46DB-B997-C63B7C9FCC5E}] => (Block) E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SOVIET64.exe () [File not signed]
FirewallRules: [{58888A1E-2A2D-463B-BE54-3CD4188AB2EC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{3EF4720C-1298-4DFF-B0CB-0C9168A02F36}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{3B9F9BD1-B592-40A8-82C2-811EE77748A9}] => (Block) E:\Transport\Transport Fever\TransportFever.exe () [File not signed]
FirewallRules: [{D6CE2F31-0A86-44AE-ACF0-B03D6BC8DB8A}] => (Block) E:\Transport\Transport Fever\TransportFever.exe () [File not signed]
FirewallRules: [{6BBE9EED-4860-4FD4-84D7-85E3F54A5816}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
13-07-2019 19:20:07 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/18/2019 02:46:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/17/2019 02:53:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/16/2019 01:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/15/2019 02:14:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/15/2019 01:00:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SOVIET.exe, verze: 0.0.0.0, časové razítko: 0x5d123ccf
Název chybujícího modulu: MSVCR110.dll, verze: 11.0.51106.1, časové razítko: 0x5098858e
Kód výjimky: 0x40000015
Posun chyby: 0x000a327c
ID chybujícího procesu: 0x1958
Čas spuštění chybující aplikace: 0x01d53a82f970d907
Cesta k chybující aplikaci: E:\Workers and Resources Soviet Republic\Workers Resources Soviet Republic\SOVIET.exe
Cesta k chybujícímu modulu: C:\Windows\system32\MSVCR110.dll
ID zprávy: 1eeb7cd2-a68b-11e9-be9f-74da38fe0bd6
Error: (07/14/2019 11:40:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/13/2019 11:52:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/13/2019 11:43:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (07/18/2019 02:48:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (07/18/2019 02:46:04 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
Error: (07/18/2019 02:46:04 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
Error: (07/18/2019 02:45:55 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
Error: (07/18/2019 02:45:55 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
Error: (07/18/2019 02:45:55 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
Error: (07/17/2019 02:51:49 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
Error: (07/17/2019 02:51:49 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.
CodeIntegrity:
===================================
Date: 2017-10-28 14:18:10.956
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-10-28 14:18:10.925
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-10-28 14:18:10.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-10-28 14:18:10.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-08 12:34:51.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-08 12:34:51.392
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-08 12:34:50.519
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-08 12:34:50.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2107 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85-PLUS
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 64%
Total physical RAM: 8097.73 MB
Available physical RAM: 2840.39 MB
Total Virtual: 24291.38 MB
Available Virtual: 18258.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:126.95 GB) (Free:28.53 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:16.44 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:18.85 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:9.31 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:33.39 GB) NTFS
\\?\Volume{954ccc49-a461-11e6-a407-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=0F Extended)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zavirovaný počítač a neznámý účet
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zavirovaný počítač a neznámý účet
- Přílohy
-
- ucet_neznamy2.jpg (241.12 KiB) Zobrazeno 1619 x
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-18-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1257 octets] - [18/07/2019 22:12:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-18-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1257 octets] - [18/07/2019 22:12:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
Toto je OK.
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
Task: {F0531922-22F4-4231-BAE6-CF86DB2ECDFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
U3 axkb2rrk; C:\Windows\System32\Drivers\axkb2rrk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Tom78 (19-07-2019 14:56:55) Run:1
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
Task: {F0531922-22F4-4231-BAE6-CF86DB2ECDFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
U3 axkb2rrk; C:\Windows\System32\Drivers\axkb2rrk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0531922-22F4-4231-BAE6-CF86DB2ECDFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0531922-22F4-4231-BAE6-CF86DB2ECDFE}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
axkb2rrk => service not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22286346 B
Java, Flash, Steam htmlcache => 90893482 B
Windows/system/drivers => 2441129 B
Edge => 0 B
Chrome => 362012599 B
Firefox => 1066632048 B
Opera => 1112535992 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Tom78 => 63017322 B
RecycleBin => 0 B
EmptyTemp: => 2.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:57:42 ====
Ran by Tom78 (19-07-2019 14:56:55) Run:1
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
Task: {F0531922-22F4-4231-BAE6-CF86DB2ECDFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
U3 axkb2rrk; C:\Windows\System32\Drivers\axkb2rrk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAB67667-24A7-4D34-8DAC-DA5EE79C7F6E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0531922-22F4-4231-BAE6-CF86DB2ECDFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0531922-22F4-4231-BAE6-CF86DB2ECDFE}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
axkb2rrk => service not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22286346 B
Java, Flash, Steam htmlcache => 90893482 B
Windows/system/drivers => 2441129 B
Edge => 0 B
Chrome => 362012599 B
Firefox => 1066632048 B
Opera => 1112535992 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Tom78 => 63017322 B
RecycleBin => 0 B
EmptyTemp: => 2.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:57:42 ====
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
Ne, pořád stejný.
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
OK. Udělejte kompletní sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
Ten AVPTool je jinej než ten v návodu (žádná Version 11) a já nevím jak to správně nastavit, protože tam nejsou ty volby jak u návodu. Tenhle je nějakej zjednodušenej a nikde nevidím "Hidden startup objects" a taky to "Poté klepněte vlevo uprostřed na záložku Actions, vyberte možnost Select action a ujistěte se, že jsou zaškrtlé volby Disinfect a Delete if disinfection fails." - nikde to tam není. Nechci udělat něco blbě, tak se radši ptám co s tím?
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
Spusťte v defaultu. Víme, že ten návod je na jinou verzi, proto zvlášť píši:
Pokud tam něco je, AVP to najde. Odkaz jsem dal jen kvůli stažení souboru.Utilitu stáhněte, spusťte, nechte pracovat...
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
Hotovo, ale v defaultu bylo zaškrtnuto jen System memory, Startup objects a Boot sectors. Nenašel nic. Dál se tomu můžu věnovat bohužel až v pondělí. Musím řešit nějaké rodinné záležitosti a nebudu v dosahu internetu. Doufám že to nevadí, rád bych to dořešil.
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
To nevadí. Já mám dnes k řešení něco podobného, navíc poměrně daleko od bydliště. Jak vidno, PC zavirován není a ty účty, které vám vadí odstraňte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
Ty účty odstranit nejdou (a ani nevím jak když nejsou vidět v "Uživatelských účtech") a pořád ovládají ten soubor který já ovládat nemohu. Zkoušel jsem i přeinstalovat ten program, ale je to pořád stejný i po reinstallu. Do tý emailový schránky se taky z tohoto pc pořád nemohu dostat.
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač a neznámý účet
OK. Zkuste tedy obnovu systému k datu, kdy korketně fungoval. Soubor není virus, zřejmě má nějakou chybu, nebo je poškozen registr.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač a neznámý účet
To bohužel taky nejde, není žádný bod obnovy (nemám dostatek místa na disku) a registr jsem pročištil, programy co soubor používaly jsem taky přeinstaloval...nic nepomohlo a samo to nevzniklo (proto to ted řeším, ale zatim marně). Jenže ten soubor třeba používají hry co mají i 60GB i víc a přeinstalovávat pořád dokola takový hry, když internet to tahá celý den, je dost peklo. Fakt už nevím, hry nefungují, systém přeinstalovat nemůžu (nemám ted funkční DVD-ROM) a veškerý rady co jsem k tomu našel nefungují.
Přispějete na provoz fóra?