
Virus or Defender

mania
Visitor
Posts: 65
Registered: 16 Oct 2015 09:14

Virus or Defender

#1 Post by mania »

Hi, my problem is slow loading of the PC itself, of web pages, and of games, at least the ones that run at all. Some games don't work at all. I suspect Win Defender; I would most like to get rid of it, but I don't know where. I use Avast, and having two antiviruses seems unnecessary to me. I wanted to do a system restore and it didn't work; there are about 4 restore points and not one of them worked.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2020 01
Ran by LuciFafa (administrator) on LUCIFAFA-PC (25-01-2020 20:19:47)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.592 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070A3EA9-8DA3-4559-899E-70484CD95521} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0ACA8AED-E8A5-403C-A1FE-FD963AC6D50E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-09] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {310EBAD5-3127-4767-84C7-ED217DDDA5EA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-12-09] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-12-23] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe <==== ATTENTION
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-12] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.)
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {EC244E0D-C77F-497E-A390-FF949660DBAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC83EB21-36A3-4DB1-8A79-AB8089D77148} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine VPN\VpnUpdate.exe [1390472 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {F50BF105-4184-4DC3-BAE8-F8781FCAF8FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FB1390A3-48DC-4FFC-99FD-3A5B0B71774C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{cfc5e456-e14c-404d-ae3c-686d78c7fa82}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f5521eba-7c81-4192-bb08-29bb54988594}: [NameServer] 100.120.166.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads

FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2020-01-25]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF Notifications: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.vitalitygames.com; hxxps://pacogames.os.tc
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2020-01-24]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-12-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-04] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-02]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-22]
CHR Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-25] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [6828424 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [2250992 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [85240 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [48152 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [252480 2019-10-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [37472 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [278456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-25 20:19 - 2020-01-25 20:20 - 000030586 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2020-01-25 20:19 - 2020-01-25 20:20 - 000000000 ____D C:\FRST
2020-01-25 20:18 - 2020-01-25 20:18 - 002311168 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST(1).exe
2020-01-25 20:17 - 2020-01-25 20:17 - 002580480 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2020-01-25 20:17 - 2020-01-25 20:17 - 000000000 _____ C:\Users\LuciFafa\Downloads\FRST.exe
2020-01-25 20:09 - 2020-01-25 20:11 - 000000000 ____D C:\AdwCleaner
2020-01-25 20:09 - 2020-01-25 20:09 - 008237744 _____ (Malwarebytes) C:\Users\LuciFafa\Desktop\adwcleaner_8.0.1.exe
2020-01-25 20:08 - 2020-01-25 20:08 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (3)
2020-01-22 11:39 - 2020-01-22 12:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-20 17:41 - 2020-01-20 17:41 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-01-20 17:41 - 2020-01-20 17:41 - 000000000 ____D C:\Program Files\Common Files\Java
2020-01-20 11:38 - 2020-01-20 11:38 - 000001439 _____ C:\Users\LuciFafa\Desktop\Tajný život mazlíčků 2 CZ DABING 2019 – zástupce.lnk
2020-01-20 09:06 - 2020-01-20 10:30 - 1547217553 _____ C:\Users\LuciFafa\Downloads\Tajný život mazlíčků 2 CZ DABING 2019.mkv
2020-01-19 11:16 - 2008-08-18 18:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\system32\fmcodec.DLL
2020-01-17 17:10 - 2020-01-17 17:10 - 000001259 _____ C:\Users\LuciFafa\Desktop\Velká šestka 2014 – zástupce.lnk
2020-01-16 13:52 - 2020-01-16 15:46 - 000000008 _____ C:\Users\LuciFafa\Desktop\Nový textový dokument (2).txt
2020-01-16 12:38 - 2020-01-16 12:38 - 003401208 _____ C:\Users\LuciFafa\Downloads\winrar-x64-580cz.exe
2020-01-16 12:38 - 2020-01-16 12:38 - 003175080 _____ C:\Users\LuciFafa\Downloads\wrar580cz.exe
2020-01-16 12:36 - 2020-01-16 12:36 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001539160 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 000261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 12:28 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 08:54 - 2020-01-16 09:39 - 831700580 _____ C:\Users\LuciFafa\Downloads\Velká šestka 2014.avi
2020-01-15 17:42 - 2020-01-15 17:42 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.46
2020-01-15 17:42 - 2020-01-15 17:42 - 000000000 ____D C:\Program Files\Media Player Utilities 4.46
2020-01-15 17:02 - 2020-01-23 22:15 - 000000000 ____D C:\Users\LuciFafa\Downloads\5
2020-01-15 12:33 - 2020-01-15 12:33 - 000001326 _____ C:\Users\LuciFafa\Desktop\Animované-Raubíř-Ralf-cz – zástupce.lnk
2020-01-15 12:25 - 2020-01-15 12:25 - 000001488 _____ C:\Users\LuciFafa\Desktop\V hlavě-animovaný rodinný film USA 2015 cz – zástupce.lnk
2020-01-15 09:35 - 2020-01-15 11:00 - 1564232642 _____ C:\Users\LuciFafa\Downloads\Animované-Raubíř-Ralf-cz.avi
2020-01-15 08:35 - 2020-01-15 09:25 - 920561298 _____ C:\Users\LuciFafa\Downloads\V hlavě-animovaný rodinný film USA 2015 cz.avi
2020-01-15 08:26 - 2020-01-15 08:29 - 000000000 ____D C:\Users\LuciFafa\Downloads\Nová složka (6)
2020-01-07 11:25 - 2020-01-07 13:01 - 1058216200 _____ C:\Users\LuciFafa\Downloads\angry-birds-ve-filmu-2016-cz-dabing-top-kvalita-avi 1.bin
2020-01-06 19:43 - 2020-01-06 19:43 - 000001471 _____ C:\Users\LuciFafa\Downloads\Angry Birds ve filmu 2 2019 1080p CZ.SK 5.1 – zástupce.lnk
2020-01-06 19:43 - 2020-01-06 19:43 - 000001471 _____ C:\Users\LuciFafa\Desktop\Angry Birds ve filmu 2 2019 1080p CZ.SK 5.1 – zástupce.lnk
2020-01-06 12:07 - 2020-01-06 16:15 - 2745262544 _____ C:\Users\LuciFafa\Downloads\Angry Birds ve filmu 2 2019 1080p CZ.SK 5.1.mkv
2020-01-04 19:39 - 2020-01-04 19:39 - 055961627 _____ C:\Users\LuciFafa\Downloads\EpicInstaller-10.7.0-fortnite.dmg
2020-01-04 19:39 - 2020-01-04 19:39 - 043749376 _____ C:\Users\LuciFafa\Downloads\EpicInstaller-10.7.0-fortnite.msi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-25 20:19 - 2019-09-06 19:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-25 20:19 - 2019-03-19 08:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-25 20:19 - 2019-03-19 08:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-25 20:19 - 2019-03-19 03:44 - 000000000 ____D C:\WINDOWS\INF
2020-01-25 20:19 - 2016-11-18 15:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2020-01-25 20:13 - 2019-03-19 03:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-25 20:13 - 2018-10-23 10:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2020-01-25 20:13 - 2017-09-05 08:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2020-01-25 20:12 - 2019-09-06 19:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-25 20:11 - 2019-03-19 03:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-25 20:11 - 2015-09-25 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-01-25 19:21 - 2019-03-19 03:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-25 18:29 - 2015-09-26 07:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-25 18:09 - 2019-10-18 07:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-25 17:57 - 2019-09-06 19:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-25 17:57 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-25 17:14 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-25 12:16 - 2017-11-22 14:44 - 000001725 _____ C:\Users\LuciFafa\Desktop\Assassin`s Creed III.lnk
2020-01-25 12:10 - 2017-11-24 21:24 - 000000000 ____D C:\Program Files\Assassins Creed IV Black Flag
2020-01-25 12:05 - 2015-10-15 14:59 - 000000000 ____D C:\Program Files\GRID 2
2020-01-25 12:04 - 2017-02-14 19:26 - 000000000 ____D C:\Program Files\GRID Autosport
2020-01-25 12:04 - 2015-12-10 12:44 - 000000000 ____D C:\Program Files\DiRT Rally
2020-01-25 12:04 - 2015-10-14 21:06 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\DAEMON Tools Lite
2020-01-25 11:43 - 2019-09-06 19:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-23 23:35 - 2019-03-19 03:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-23 22:23 - 2015-12-26 20:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2020-01-23 21:54 - 2015-09-29 18:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2020-01-22 12:10 - 2015-09-26 07:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 21:19 - 2019-11-02 18:19 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 21:19 - 2019-11-02 18:19 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 17:41 - 2019-10-18 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-20 17:41 - 2019-10-18 07:45 - 000000000 ____D C:\Program Files\Java
2020-01-20 17:40 - 2019-10-18 07:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2020-01-19 20:05 - 2015-10-25 18:51 - 000000000 ____D C:\Program Files\Steam
2020-01-19 11:16 - 2019-12-07 20:00 - 000002147 _____ C:\Users\Public\Desktop\Music Search MP3.lnk
2020-01-19 11:16 - 2019-12-07 20:00 - 000001221 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2020-01-19 11:16 - 2015-10-05 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2020-01-16 18:21 - 2019-09-06 19:34 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 17:12 - 2019-09-06 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-16 12:48 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 12:47 - 2015-09-29 15:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 12:45 - 2019-09-06 20:07 - 000000000 ____D C:\ProgramData\Packages
2020-01-16 12:45 - 2019-09-06 19:55 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\PlaceholderTileLogoFolder
2020-01-16 12:45 - 2019-09-06 19:49 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Packages
2020-01-16 12:39 - 2015-09-29 15:22 - 117005720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 12:38 - 2015-10-05 13:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-16 12:38 - 2015-10-05 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-16 12:38 - 2015-10-05 13:40 - 000000000 ____D C:\Program Files\WinRAR
2020-01-15 17:01 - 2019-09-13 18:17 - 000000000 ____D C:\Program Files\bookingDesktopApp
2020-01-15 09:23 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-13 17:45 - 2015-09-29 16:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2020-01-12 18:03 - 2015-09-25 11:46 - 000000000 ____D C:\Program Files\SpeedFan
2020-01-12 17:27 - 2015-10-25 18:51 - 000000000 ____D C:\Program Files\Common Files\Steam
2020-01-08 18:52 - 2017-09-05 08:37 - 000000128 _____ C:\Users\LuciFafa\Desktop\HESLO VIRY.txt
2020-01-08 18:47 - 2019-01-15 11:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-30 16:53 - 2019-11-15 21:54 - 000002872 _____ C:\WINDOWS\system32\Tasks\Java Updater
2019-12-30 16:53 - 2019-10-29 18:43 - 000003026 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2019-12-30 16:53 - 2019-09-06 19:56 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-12-30 16:53 - 2019-09-06 19:48 - 000003450 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-30 16:53 - 2019-09-06 19:48 - 000003226 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2016-06-03 14:03 - 2016-06-03 14:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2016-06-03 14:01 - 2017-10-17 18:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 09:38 - 2018-10-03 07:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

mania
Visitor
Posts: 65
Registered: 16 Oct 2015 09:14

Re: Virus or Defender

#2 Post by mania »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted Smart Defender
Deleted Smart Defender

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1385 octets] - [25/01/2020 20:10:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########






# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-25-2020
# Duration: 00:00:24
# OS: Windows 10 Home
# Scanned: 34795
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.Vondos Smart Defender
PUP.Optional.Vondos Smart Defender

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus or Defender

#3 Post by Rudy »

Hello!
If you install a third-party antivirus, Windows Defender is deactivated automatically. Please post new FRST + Addition logs.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

mania
Visitor
Posts: 65
Registered: 16 Oct 2015 09:14

Re: Virus or Defender

#4 Post by mania »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-01-2020
Ran by LuciFafa (administrator) on LUCIFAFA-PC (26-01-2020 12:01:45)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.592 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x86__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x86__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.590_none_02ddb990a0b3db83\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070A3EA9-8DA3-4559-899E-70484CD95521} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0ACA8AED-E8A5-403C-A1FE-FD963AC6D50E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-09] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {310EBAD5-3127-4767-84C7-ED217DDDA5EA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-12-09] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-12-23] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe <==== ATTENTION
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-12] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.)
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {EC244E0D-C77F-497E-A390-FF949660DBAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC83EB21-36A3-4DB1-8A79-AB8089D77148} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine VPN\VpnUpdate.exe [1390472 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {F50BF105-4184-4DC3-BAE8-F8781FCAF8FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [405088 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FB1390A3-48DC-4FFC-99FD-3A5B0B71774C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{cfc5e456-e14c-404d-ae3c-686d78c7fa82}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f5521eba-7c81-4192-bb08-29bb54988594}: [NameServer] 100.120.166.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads

FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2020-01-26]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF Notifications: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.vitalitygames.com; hxxps://pacogames.os.tc
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2020-01-24]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-12-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-04] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-02]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-22]
CHR Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-25] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [6828424 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [2250992 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [85240 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [48152 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [252480 2019-10-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [241760 2020-01-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [37472 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [278456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 kxldrkob; C:\Users\LuciFafa\AppData\Local\Temp\kxldrkob.sys [104960 2020-01-26] (GMER) [File not signed] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-26 12:00 - 2020-01-26 12:00 - 000000000 ____D C:\Users\LuciFafa\Desktop\FRST-OlderVersion
2020-01-26 11:49 - 2020-01-26 11:49 - 000241760 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-26 11:04 - 2020-01-26 11:04 - 000000000 _____ C:\Users\LuciFafa\Desktop\Nový textový dokument (3).txt
2020-01-25 20:21 - 2020-01-25 20:22 - 000045045 _____ C:\Users\LuciFafa\Desktop\Addition.txt
2020-01-25 20:19 - 2020-01-26 12:03 - 000032093 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2020-01-25 20:19 - 2020-01-26 12:02 - 000000000 ____D C:\FRST
2020-01-25 20:18 - 2020-01-26 12:00 - 002311680 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST(1).exe
2020-01-25 20:17 - 2020-01-25 20:17 - 000000000 _____ C:\Users\LuciFafa\Downloads\FRST.exe
2020-01-25 20:09 - 2020-01-25 20:11 - 000000000 ____D C:\AdwCleaner
2020-01-25 20:09 - 2020-01-25 20:09 - 008237744 _____ (Malwarebytes) C:\Users\LuciFafa\Desktop\adwcleaner_8.0.1.exe
2020-01-25 20:08 - 2020-01-25 20:08 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (3)
2020-01-22 11:39 - 2020-01-22 12:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-20 17:41 - 2020-01-20 17:41 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-01-20 17:41 - 2020-01-20 17:41 - 000000000 ____D C:\Program Files\Common Files\Java
2020-01-20 11:38 - 2020-01-20 11:38 - 000001439 _____ C:\Users\LuciFafa\Desktop\Tajný život mazlíčků 2 CZ DABING 2019 – zástupce.lnk
2020-01-20 09:06 - 2020-01-20 10:30 - 1547217553 _____ C:\Users\LuciFafa\Downloads\Tajný život mazlíčků 2 CZ DABING 2019.mkv
2020-01-19 11:16 - 2008-08-18 18:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\system32\fmcodec.DLL
2020-01-17 17:10 - 2020-01-17 17:10 - 000001259 _____ C:\Users\LuciFafa\Desktop\Velká šestka 2014 – zástupce.lnk
2020-01-16 13:52 - 2020-01-16 15:46 - 000000008 _____ C:\Users\LuciFafa\Desktop\Nový textový dokument (2).txt
2020-01-16 12:38 - 2020-01-16 12:38 - 003401208 _____ C:\Users\LuciFafa\Downloads\winrar-x64-580cz.exe
2020-01-16 12:38 - 2020-01-16 12:38 - 003175080 _____ C:\Users\LuciFafa\Downloads\wrar580cz.exe
2020-01-16 12:36 - 2020-01-16 12:36 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001539160 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 12:35 - 2020-01-16 12:35 - 000261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 12:35 - 2020-01-16 12:35 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 12:35 - 2020-01-16 12:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 12:28 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 08:54 - 2020-01-16 09:39 - 831700580 _____ C:\Users\LuciFafa\Downloads\Velká šestka 2014.avi
2020-01-15 17:42 - 2020-01-15 17:42 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.46
2020-01-15 17:42 - 2020-01-15 17:42 - 000000000 ____D C:\Program Files\Media Player Utilities 4.46
2020-01-15 17:02 - 2020-01-23 22:15 - 000000000 ____D C:\Users\LuciFafa\Downloads\5
2020-01-15 12:33 - 2020-01-15 12:33 - 000001326 _____ C:\Users\LuciFafa\Desktop\Animované-Raubíř-Ralf-cz – zástupce.lnk
2020-01-15 12:25 - 2020-01-15 12:25 - 000001488 _____ C:\Users\LuciFafa\Desktop\V hlavě-animovaný rodinný film USA 2015 cz – zástupce.lnk
2020-01-15 09:35 - 2020-01-15 11:00 - 1564232642 _____ C:\Users\LuciFafa\Downloads\Animované-Raubíř-Ralf-cz.avi
2020-01-15 08:35 - 2020-01-15 09:25 - 920561298 _____ C:\Users\LuciFafa\Downloads\V hlavě-animovaný rodinný film USA 2015 cz.avi
2020-01-15 08:26 - 2020-01-15 08:29 - 000000000 ____D C:\Users\LuciFafa\Downloads\Nová složka (6)
2020-01-07 11:25 - 2020-01-07 13:01 - 1058216200 _____ C:\Users\LuciFafa\Downloads\angry-birds-ve-filmu-2016-cz-dabing-top-kvalita-avi 1.bin
2020-01-06 19:43 - 2020-01-06 19:43 - 000001471 _____ C:\Users\LuciFafa\Downloads\Angry Birds ve filmu 2 2019 1080p CZ.SK 5.1 – zástupce.lnk
2020-01-06 19:43 - 2020-01-06 19:43 - 000001471 _____ C:\Users\LuciFafa\Desktop\Angry Birds ve filmu 2 2019 1080p CZ.SK 5.1 – zástupce.lnk
2020-01-06 12:07 - 2020-01-06 16:15 - 2745262544 _____ C:\Users\LuciFafa\Downloads\Angry Birds ve filmu 2 2019 1080p CZ.SK 5.1.mkv
2020-01-04 19:39 - 2020-01-04 19:39 - 055961627 _____ C:\Users\LuciFafa\Downloads\EpicInstaller-10.7.0-fortnite.dmg
2020-01-04 19:39 - 2020-01-04 19:39 - 043749376 _____ C:\Users\LuciFafa\Downloads\EpicInstaller-10.7.0-fortnite.msi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-26 12:00 - 2015-10-25 18:51 - 000000000 ____D C:\Program Files\Steam
2020-01-26 11:59 - 2016-11-18 15:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2020-01-26 11:57 - 2015-10-25 18:51 - 000000000 ____D C:\Program Files\Common Files\Steam
2020-01-26 11:52 - 2015-10-25 18:51 - 000000994 _____ C:\Users\Public\Desktop\Steam.lnk
2020-01-26 11:49 - 2019-10-18 07:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-26 11:12 - 2019-03-19 03:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-26 11:10 - 2017-11-24 21:24 - 000000000 ____D C:\Program Files\Assassins Creed IV Black Flag
2020-01-26 10:47 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-26 10:26 - 2015-10-23 10:14 - 000001827 _____ C:\Users\Public\Desktop\Defraggler.lnk
2020-01-26 09:54 - 2017-09-05 08:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2020-01-26 09:53 - 2018-10-23 10:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2020-01-25 20:19 - 2019-09-06 19:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-25 20:19 - 2019-03-19 08:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-25 20:19 - 2019-03-19 08:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-25 20:19 - 2019-03-19 03:44 - 000000000 ____D C:\WINDOWS\INF
2020-01-25 20:12 - 2019-09-06 19:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-25 20:11 - 2019-03-19 03:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-25 20:11 - 2015-09-25 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-01-25 19:21 - 2019-03-19 03:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-25 18:29 - 2015-09-26 07:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-25 17:57 - 2019-09-06 19:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-25 17:57 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-25 17:14 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-25 12:16 - 2017-11-22 14:44 - 000001725 _____ C:\Users\LuciFafa\Desktop\Assassin`s Creed III.lnk
2020-01-25 12:05 - 2015-10-15 14:59 - 000000000 ____D C:\Program Files\GRID 2
2020-01-25 12:04 - 2017-02-14 19:26 - 000000000 ____D C:\Program Files\GRID Autosport
2020-01-25 12:04 - 2015-12-10 12:44 - 000000000 ____D C:\Program Files\DiRT Rally
2020-01-25 12:04 - 2015-10-14 21:06 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\DAEMON Tools Lite
2020-01-25 11:43 - 2019-09-06 19:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-23 23:35 - 2019-03-19 03:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-23 22:23 - 2015-12-26 20:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2020-01-23 21:54 - 2015-09-29 18:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2020-01-22 12:10 - 2015-09-26 07:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 21:19 - 2019-11-02 18:19 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 21:19 - 2019-11-02 18:19 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 17:41 - 2019-10-18 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-20 17:41 - 2019-10-18 07:45 - 000000000 ____D C:\Program Files\Java
2020-01-20 17:40 - 2019-10-18 07:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2020-01-19 11:16 - 2019-12-07 20:00 - 000002147 _____ C:\Users\Public\Desktop\Music Search MP3.lnk
2020-01-19 11:16 - 2019-12-07 20:00 - 000001221 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2020-01-19 11:16 - 2015-10-05 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2020-01-16 18:21 - 2019-09-06 19:34 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 18:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 17:12 - 2019-09-06 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-16 12:48 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 12:47 - 2015-09-29 15:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 12:45 - 2019-09-06 20:07 - 000000000 ____D C:\ProgramData\Packages
2020-01-16 12:45 - 2019-09-06 19:55 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\PlaceholderTileLogoFolder
2020-01-16 12:45 - 2019-09-06 19:49 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Packages
2020-01-16 12:39 - 2015-09-29 15:22 - 117005720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 12:38 - 2015-10-05 13:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-16 12:38 - 2015-10-05 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-16 12:38 - 2015-10-05 13:40 - 000000000 ____D C:\Program Files\WinRAR
2020-01-15 17:01 - 2019-09-13 18:17 - 000000000 ____D C:\Program Files\bookingDesktopApp
2020-01-15 09:23 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-13 17:45 - 2015-09-29 16:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2020-01-12 18:03 - 2015-09-25 11:46 - 000000000 ____D C:\Program Files\SpeedFan
2020-01-08 18:52 - 2017-09-05 08:37 - 000000128 _____ C:\Users\LuciFafa\Desktop\HESLO VIRY.txt
2020-01-08 18:47 - 2019-01-15 11:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-30 16:53 - 2019-11-15 21:54 - 000002872 _____ C:\WINDOWS\system32\Tasks\Java Updater
2019-12-30 16:53 - 2019-10-29 18:43 - 000003026 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2019-12-30 16:53 - 2019-09-06 19:56 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-12-30 16:53 - 2019-09-06 19:48 - 000003450 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-30 16:53 - 2019-09-06 19:48 - 000003226 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2016-06-03 14:03 - 2016-06-03 14:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2016-06-03 14:01 - 2017-10-17 18:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 09:38 - 2018-10-03 07:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

mania
Visitor
Posts: 65
Registered: 16 Oct 2015 09:14

Re: Virus or Defender

#5 Post by mania »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-01-2020
Ran by LuciFafa (26-01-2020 12:04:23)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 1903 18362.592 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast SecureLine VPN (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.5.522 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 241 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 - )
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x86 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2.7321 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MY.GAMES GameCenter (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1542 - MY.COM B.V.)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.80 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x86__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.14.0_x86__3h5nez1g3qt2c [2020-01-23] (GT Office PDF Studio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1117677789-4214877554-3075564690-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2

==================== Loaded Modules (Whitelisted) =============

2015-09-25 11:56 - 2014-07-23 02:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 11:56 - 2020-01-25 20:12 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2007-06-16 16:18 - 2007-06-16 16:18 - 000032768 _____ () [File not signed] C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll
2012-04-11 09:40 - 2012-04-11 09:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 11:56 - 2014-07-23 02:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 17:37 - 2009-09-16 17:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:38 - 2009-09-16 17:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 17:40 - 2009-09-16 17:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2019-11-03 14:53 - 2018-09-07 09:07 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine VPN\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2019-11-03 15:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-11-25 13:19 - 2018-11-25 13:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LuciFafa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wallpapers.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.)
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.)
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{83B67CD3-593C-4E91-8D75-AD5856BD5745}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [TCP Query User{F2A83DB1-07EE-433B-AF71-CBE1BA6EFA7A}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [UDP Query User{C9D5680E-B989-4E48-BE51-378F27EA5DD0}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [{D3CC9DFD-9FCF-49F0-BFF9-B6E34B191401}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe

==================== Restore Points =========================

31-12-2019 14:44:55 Naplánovaný kontrolní bod
10-01-2020 14:32:18 Naplánovaný kontrolní bod
15-01-2020 17:41:36 Installed Media Player Utilities 4.46
23-01-2020 13:54:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/26/2020 12:06:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9596,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 11:48:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 11:26:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 11:11:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7348,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 10:59:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1600,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 10:35:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1172,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 10:09:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7480,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/26/2020 10:01:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3312,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/26/2020 11:57:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/26/2020 11:57:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (01/26/2020 11:03:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba kxldrkob neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (01/25/2020 08:11:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2020 08:11:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/25/2020 08:11:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2020 08:11:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2020 08:11:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-01-25 19:28:39.483
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1B356CAA-7680-452F-AB54-DEA5EAA5B06B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: LuciFafa-PC\LuciFafa

Date: 2020-01-25 12:09:24.735
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dynamer!rfn
ID: 2147721515
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\Assassins Creed IV Black Flag\uplay_r1.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\Assassins Creed IV Black Flag\AC4BFSP.exe
Verze bezpečnostních informací: AV: 1.307.3000.0, AS: 1.307.3000.0, NIS: 1.307.3000.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-25 12:08:59.188
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.A!rfn
ID: 2147746577
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Crack\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: E:\Crack\GRIDAutosport.exe
Verze bezpečnostních informací: AV: 1.307.3000.0, AS: 1.307.3000.0, NIS: 1.307.3000.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-25 12:04:03.303
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
ID: 2147625929
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_C:\Program Files\GRID 2\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\GRID 2\grid2_avx.exe
Verze bezpečnostních informací: AV: 1.307.3000.0, AS: 1.307.3000.0, NIS: 1.307.3000.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-25 12:04:02.378
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
ID: 2147625929
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_C:\Program Files\GRID 2\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.307.3000.0, AS: 1.307.3000.0, NIS: 1.307.3000.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-12-09 15:29:03.019
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===================================

Date: 2020-01-26 09:53:25.493
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-25 20:14:46.814
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-25 20:14:46.799
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-25 20:14:46.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-25 20:13:51.656
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-25 20:13:51.638
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-25 20:13:51.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-25 20:13:51.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 77%
Total physical RAM: 3030.36 MB
Available physical RAM: 692.55 MB
Total Virtual: 6102.36 MB
Available Virtual: 3118.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:415.34 GB) NTFS
Drive d: (DiRT Rally) (CDROM) (Total:20.44 GB) (Free:0 GB) UDF
Drive e: (GRID Autosport Complete) (CDROM) (Total:13.65 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF

\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus or Defender

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
C:\Program Files\Assassins Creed IV Black Flag\uplay_r1.dll
E:\Crack\steam_api.dll
C:\Program Files\GRID 2\steam_api.dll
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 kxldrkob; C:\Users\LuciFafa\AppData\Local\Temp\kxldrkob.sys [104960 2020-01-26] (GMER) [File not signed] <==== ATTENTION
C:\Users\LuciFafa\AppData\Local\Temp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

mania
Visitor
Posts: 65
Registered: 16 Oct 2015 09:14

Re: Virus or Defender

#7 Post by mania »

Fix result of Farbar Recovery Scan Tool (x86) Version: 26-01-2020
Ran by LuciFafa (26-01-2020 12:53:46) Run:1
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
C:\Program Files\Assassins Creed IV Black Flag\uplay_r1.dll
E:\Crack\steam_api.dll
C:\Program Files\GRID 2\steam_api.dll
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 kxldrkob; C:\Users\LuciFafa\AppData\Local\Temp\kxldrkob.sys [104960 2020-01-26] (GMER) [File not signed] <==== ATTENTION
C:\Users\LuciFafa\AppData\Local\Temp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"C:\Program Files\Assassins Creed IV Black Flag\uplay_r1.dll" => not found
"E:\Crack\steam_api.dll" => not found
"C:\Program Files\GRID 2\steam_api.dll" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83482C26-D5B0-4999-8965-1E221E559312}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83482C26-D5B0-4999-8965-1E221E559312}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5710AD8-16D6-4457-84FA-882F80D8D906}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5710AD8-16D6-4457-84FA-882F80D8D906}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\System\CurrentControlSet\Services\mracsvc => removed successfully.
mracsvc => service removed successfully.
HKLM\System\CurrentControlSet\Services\mracdrv => removed successfully.
mracdrv => service removed successfully.
kxldrkob => service not found.
C:\Users\LuciFafa\AppData\Local\Temp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60479115 B
Java, Flash, Steam htmlcache => 186529493 B
Windows/system/drivers => 2139045 B
Edge => 8192 B
Chrome => 11850014 B
Firefox => 1533791980 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 23506 B
NetworkService => 53948 B
LuciFafa => 2542307 B

RecycleBin => 7 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:55:19 ====

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus or Defender

#8 Post by Rudy »

Deleted. Has anything changed?

mania
Visitor
Posts: 65
Registered: 16 Oct 2015 09:14

Re: Virus or Defender

#9 Post by mania »

Hi, sorry for the late reply. Some games work now; I threw out a few old ones anyway. Web pages and the PC load without major delays. I also looked at System Restore and all the restore points have been deleted, so I had to create one manually; hopefully that's OK.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus or Defender

#10 Post by Rudy »

I'm glad to hear it. Hopefully it will be OK.
