Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Podezření na virus z ovladačů
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Podezření na virus z ovladačů
Zdravím,
chtěl bych požádat o kontrolu přiložených logů z FRST z důvodu následujícího problému, případné další rady.
Popis problému:
Po instalaci ovladačů pro arduino desku CH340G (arduino je levný, robustní jednodeskový počítač) pro Windows 10 ze zdroje: https://iotta.cz/ovladace-pro-ch340g/ zablokoval Avast tyto soubory:
arduino-builder.exe
arduino.exe
Soubory byly umístěny v: C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.33.0_x86_mdqgnx93n4wtt .
Hrozbu prvního souboru pojmenoval Avast jako: IDP.ALEXA.51 , hrozbu druhého souboru pojmenoval jako: IDP.Generic .
V důsledku zablokování antivirem byl znemožněn chod celé Windows aplikace Arduino IDE (vývojové prostředí společnosti Arduino).
Popis problému přidávám pro úplnost situace. Chtěl bych požádat hlavně o kontrolu bezpečnosti počítače.
Předem děkuji,
BigGuava69
chtěl bych požádat o kontrolu přiložených logů z FRST z důvodu následujícího problému, případné další rady.
Popis problému:
Po instalaci ovladačů pro arduino desku CH340G (arduino je levný, robustní jednodeskový počítač) pro Windows 10 ze zdroje: https://iotta.cz/ovladace-pro-ch340g/ zablokoval Avast tyto soubory:
arduino-builder.exe
arduino.exe
Soubory byly umístěny v: C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.33.0_x86_mdqgnx93n4wtt .
Hrozbu prvního souboru pojmenoval Avast jako: IDP.ALEXA.51 , hrozbu druhého souboru pojmenoval jako: IDP.Generic .
V důsledku zablokování antivirem byl znemožněn chod celé Windows aplikace Arduino IDE (vývojové prostředí společnosti Arduino).
Popis problému přidávám pro úplnost situace. Chtěl bych požádat hlavně o kontrolu bezpečnosti počítače.
Předem děkuji,
BigGuava69
- Přílohy
-
- FRST_logs.rar
- Logy FRST. txt a Addition.txt zabalené do archivu RAR.
- (28.58 KiB) Staženo 79 x
Re: Podezření na virus z ovladačů
Ahoj
Stiahni TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
Stiahni TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
- Uloz na plochu a spusti ako spravca
- Potvrd licencne podmienky
- Klikni na Change parameters, oznac moznost "Loaded Modules" a potvrd restart PC kliknutim na Reboot Now
- Po restartovani PC by sa mal automaticky spustit TDSSKiller (ak sa tak nestane, spusti TDSSKiller rucne)
- Klikni znovu na Change parameters a oznac moznosti "Verify driver digital signature" a "Detect TDLFS file system" a uloz kliknutim na OK
- Klikni na "Start Scan" a pockaj na dokoncenie skenu
- V pripade nalezov ponechaj vybrane predvolene moznosti a klikni na "Continue" a v pripade vyzvy potvrd restartovanie PC
- Na disku C:\ sa vytvori textovy subor (log) s nazvom zacinajucim na "TDSSKiller" - jeho obsah vloz do dalsej odpovede (ak bude suborov viac, posli vsetky z nich)
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Ahoj
Prozatím bohužel hlásím neúspěch. TDSSKiller se nedaří řádně spustit.
Po stažení, uložení na plochu a spuštění jako správce se zobrazí okno "Chcete této aplikaci povolit, aby prováděla na vašem zařízení změny?" Po potvrzení ANO se program chvíli načítá, ale k jeho spuštění nedojde.
Stejně je tomu i při stažení přímo ze stránek kaspersky, zdroj: https://support.kaspersky.com/viruses/u ... TDSSKiller. Nepomohlo ani přejmenování na tdsskiller.com.
Mám se pokusit o spuštění v nouzovém režimu nebo jiný způsob spuštění aplikace ?
Děkuji za rady.
Prozatím bohužel hlásím neúspěch. TDSSKiller se nedaří řádně spustit.
Po stažení, uložení na plochu a spuštění jako správce se zobrazí okno "Chcete této aplikaci povolit, aby prováděla na vašem zařízení změny?" Po potvrzení ANO se program chvíli načítá, ale k jeho spuštění nedojde.
Stejně je tomu i při stažení přímo ze stránek kaspersky, zdroj: https://support.kaspersky.com/viruses/u ... TDSSKiller. Nepomohlo ani přejmenování na tdsskiller.com.
Mám se pokusit o spuštění v nouzovém režimu nebo jiný způsob spuštění aplikace ?
Děkuji za rady.
Re: Podezření na virus z ovladačů
:arrow Pouzi rkill podla navodu kolegu:
Potom vyskusaj znovu spustit TDSSKiller pricom moznost "Loaded Modules" neoznacuj (restart v takom pripade nebude potreby)Ulozte na plochu rkill.exe, ukoncete vsechny aplikace a spustte - kdyby ho havet blokovala, pouzijte alternativni odkaz
- http://download.bleepingcomputer.com/grinler/rkill.exe
- http://download.bleepingcomputer.com/grinler/rkill.com
- obsah logu vytvoreneho take na plose (rkill.txt) zaslete v pristi odpovedi
- nerestartujte ted pocitac jinak prijdete o ucinek rkillu
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Vkládám log vytvořený rkill.exe. Spuštění TDSSKiller se však stále nedaří.
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 03/04/2020 10:32:25 PM in x64 mode.
Windows Version: Windows 10 Home
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
* Reparse Point/Junctions Found (Most likely legitimate)!
* C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 03/04/2020 10:33:31 PM
Execution time: 0 hours(s), 1 minute(s), and 6 seconds(s)
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 03/04/2020 10:32:25 PM in x64 mode.
Windows Version: Windows 10 Home
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
* Reparse Point/Junctions Found (Most likely legitimate)!
* C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 03/04/2020 10:33:31 PM
Execution time: 0 hours(s), 1 minute(s), and 6 seconds(s)
Re: Podezření na virus z ovladačů
Jednorazovo zaskocim za kolegu
Moze ist o falosny poplach, napriek tomu doporucujem prescanovat
s MBAM + MBAR
Moze ist o falosny poplach, napriek tomu doporucujem prescanovat
s MBAM + MBAR
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Vkládám logy z MBAM a MBAR. MBAM při počátečním skenu našel hrozby v prohlížeči v prohlížeči. TDSSKiller se však ani poté nedaří spustit.
Je ještě nějaký způsob, jak se pokusit o vyčištění ?
Děkuji za rady.
Je ještě nějaký způsob, jak se pokusit o vyčištění ?
Děkuji za rady.
- Přílohy
-
- MBAM_MBAR_logs.rar
- (1.44 KiB) Staženo 79 x
Re: Podezření na virus z ovladačů
Z logov, ktore si poslal by to malo byt ciste
Docasne vypni Avast a nechaj oba subory spomenute na zaciatku
otestovat na www.virustotal.com
Odomna vsetko ☺
Docasne vypni Avast a nechaj oba subory spomenute na zaciatku
otestovat na www.virustotal.com
Odomna vsetko ☺
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Oba soubory by podle Avast měly být ve složce Windows aplikace. K dostání se do konkrétní složky bych musel upravit oprávnění týkající se zabezpečení. Pokud je podle vás vše v pořádku, raději se do toho pouštět nebudu, abych situaci nějakým způsobem ještě nezhoršil.
Děkuji za pomoc a za rady.
S pozdravem
BigGuava69
Děkuji za pomoc a za rady.
S pozdravem
BigGuava69
Re: Podezření na virus z ovladačů
Pardon za zdrzanie. Podla mna (aj podla MBAM skenu) to tiez vyzera ciste, co sa tyka malware. Avsak ak chces, este mozeme docistit zbytocnosti - v tom pripade poprosim o obidva nove logy z FRST.
Co sa tyka TDSSKilleru, skus sa pozriet na disk C:\ a ak sa tam budu nachadzat textove subory, ktoré maju v nazve slovo "TDSSKiller", posli aj obsah takychto suborov.
Co sa tyka TDSSKilleru, skus sa pozriet na disk C:\ a ak sa tam budu nachadzat textove subory, ktoré maju v nazve slovo "TDSSKiller", posli aj obsah takychto suborov.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Nevadí, také bych mohl odpovídat rychleji. Posílám nové logy z FRST. TDSSKiller na C:\ žádné soubory nevytvořil.
- Přílohy
-
- FRST_logs.rar
- Nové logy FRST.txt a Addition.txt zabalené do archivu RAR.
- (29 KiB) Staženo 73 x
Re: Podezření na virus z ovladačů
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-4176515005-2689889550-3386320896-1001\...\MountPoints2: {0a5eb934-202a-11ea-94c8-e4e74965d2c4} - "F:\SISetup.exe" S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X] CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File FirewallRules: [TCP Query User{4B3DD4C6-B55E-4C15-969B-B086203DD417}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe No File FirewallRules: [UDP Query User{B811055F-6C4C-4BB3-99E2-EBD7AF106C33}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe No File Hosts: EmptyTemp: End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Posílám obsah Fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-03-2020
Ran by walle (07-03-2020 17:44:02) Run:1
Running from C:\Users\walle\Desktop
Loaded Profiles: walle (Available Profiles: walle)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001\...\MountPoints2: {0a5eb934-202a-11ea-94c8-e4e74965d2c4} - "F:\SISetup.exe"
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
FirewallRules: [TCP Query User{4B3DD4C6-B55E-4C15-969B-B086203DD417}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe No File
FirewallRules: [UDP Query User{B811055F-6C4C-4BB3-99E2-EBD7AF106C33}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 11
Average :
Sum : 5036301
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a5eb934-202a-11ea-94c8-e4e74965d2c4} => removed successfully
HKLM\System\CurrentControlSet\Services\H2OFFT => removed successfully
H2OFFT => service removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B3DD4C6-B55E-4C15-969B-B086203DD417}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B811055F-6C4C-4BB3-99E2-EBD7AF106C33}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8496304 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 166615653 B
Edge => 94339 B
Chrome => 441898680 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
walle => 19769409 B
RecycleBin => 0 B
EmptyTemp: => 617.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:44:40 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-03-2020
Ran by walle (07-03-2020 17:44:02) Run:1
Running from C:\Users\walle\Desktop
Loaded Profiles: walle (Available Profiles: walle)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001\...\MountPoints2: {0a5eb934-202a-11ea-94c8-e4e74965d2c4} - "F:\SISetup.exe"
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
FirewallRules: [TCP Query User{4B3DD4C6-B55E-4C15-969B-B086203DD417}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe No File
FirewallRules: [UDP Query User{B811055F-6C4C-4BB3-99E2-EBD7AF106C33}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 11
Average :
Sum : 5036301
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a5eb934-202a-11ea-94c8-e4e74965d2c4} => removed successfully
HKLM\System\CurrentControlSet\Services\H2OFFT => removed successfully
H2OFFT => service removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-4176515005-2689889550-3386320896-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B3DD4C6-B55E-4C15-969B-B086203DD417}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B811055F-6C4C-4BB3-99E2-EBD7AF106C33}C:\program files\windowsapps\arduinollc.arduinoide_1.8.33.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8496304 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 166615653 B
Edge => 94339 B
Chrome => 441898680 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
walle => 19769409 B
RecycleBin => 0 B
EmptyTemp: => 617.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:44:40 ====
Re: Podezření na virus z ovladačů
Spusti kontrolu integrity systemovych suborov:
- Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
- Skopiruj a spusti prikaz:
Kód: Vybrat vše
DISM.exe /Online /Cleanup-image /Restorehealth
- Po dokonceni skopiruj a spusti druhy prikaz:
Kód: Vybrat vše
sfc /scannow
- Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:
Kód: Vybrat vše
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
- Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
- Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
- Návštěvník
- Příspěvky: 34
- Registrován: 14 bře 2014 09:41
Re: Podezření na virus z ovladačů
Omlouvám se za prodlevu s odpovědí a děkuji za instrukce.
Posílám logy sfcdetails.txt a dism.txt vytvořené po zadání a proběhnutí příkazů v cmd.
Po restartu PC zatím nepozoruji žádné zvláštní chování. Načítání probíhá se stejnou rychlostí, připojení k internetu je stabilní, neobjevují se žádná vyskakovací okna ... Mám se zaměřit na nějaký konkrétní proces ?
Děkuji za rady,
BigGuava69
Posílám logy sfcdetails.txt a dism.txt vytvořené po zadání a proběhnutí příkazů v cmd.
Po restartu PC zatím nepozoruji žádné zvláštní chování. Načítání probíhá se stejnou rychlostí, připojení k internetu je stabilní, neobjevují se žádná vyskakovací okna ... Mám se zaměřit na nějaký konkrétní proces ?
Děkuji za rady,
BigGuava69
- Přílohy
-
- cmd_logs.rar
- (14.49 KiB) Staženo 71 x