Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by plazmas (08-09-2018 16:22:30) Run:1
Running from C:\Users\ruzicka\Desktop
Loaded Profiles: plazmas(Available Profiles: plazmas)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\SysWOW64\OPCEnum.exe
File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File: C:\WINDOWS\System32\Drivers\CH341S64.SYS
File: C:\WINDOWS\System32\drivers\cysmb.sys
File: C:\Windows\System32\Drivers\dpmcslv.sys
File: C:\WINDOWS\System32\drivers\VClone.sys
CMD: dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default"
CMD: dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQsclpQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis"
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 26073
Average :
Sum : 12236031435
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\WINDOWS\SysWOW64\OPCEnum.exe ========================
C:\WINDOWS\SysWOW64\OPCEnum.exe
File not signed
MD5: EF5166711AAB71713DBE7EA15A07A4FB
Creation and modification date: 2015-06-19 09:03 - 2015-06-19 09:03
Size: 000146432
Attributes: ----A
Company Name: OPC Foundation
Internal Name: OpcEnum
Original Name: OpcEnum.exe
Product: OPC Server Enumerator 1.10
Description: OPC Server Enumerator 1.10
File Version: 1.10.106.0
Product Version: 1.10.106.0
Copyright: Copyright © 1998-2014 OPC Foundation
VirusTotal: https://www.virustotal.com/file/d963410 ... 533689681/
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe ========================
C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File not signed
MD5: 473E1D63ED99B9A2DD421732C8F04948
Creation and modification date: 2017-03-30 08:50 - 2017-03-30 08:50
Size: 000180224
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name: LicenseService.Server.exe
Original Name: LicenseService.Server.exe
Product: Licenses.LicenseService.Server
Description: Licenses.LicenseService.Server
File Version: 2.0.19.30881
Product Version: 2.0.19.30881
Copyright: © 1997-2017 GEOVAP, spol. s r.o.
VirusTotal: https://www.virustotal.com/file/5c1a769 ... 516711919/
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe ========================
C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File not signed
MD5: CAB8510D98815D0E792017876781D529
Creation and modification date: 2017-03-06 14:20 - 2017-03-06 14:20
Size: 000250392
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name: OpcDaWrapper
Original Name: OpcDaWrapper.exe
Product: Reliance OPC Data Access 3.00
Description: Reliance OPC Data Access .NET Server Wrapper
File Version: 3.00.100.0
Product Version: 3.00.2.00
Copyright: Copyright © GEOVAP, spol. s r.o. 2009
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe ========================
C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File not signed
MD5: AF9BBBE6F9B05008109CB85441E38D65
Creation and modification date: 2017-05-11 13:42 - 2017-05-11 13:42
Size: 000883712
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name:
Original Name:
Product: Reliance
Description: Reliance 4 Executable/Library
File Version: 4.7.3.31453
Product Version: 4.0.0.0
Copyright: © 1997-2017 GEOVAP, spol. s r.o.
VirusTotal: https://www.virustotal.com/file/72b3917 ... 507132665/
====== End of File: ======
========================= File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe ========================
C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File not signed
MD5: 926E628D4729D2CC3E4D21AA338D5D8E
Creation and modification date: 2011-08-26 00:03 - 2011-08-26 00:03
Size: 000122880
Attributes: ----A
Company Name: OPC Foundation
Internal Name: Opc.Ua.DiscoveryServer.exe
Original Name: Opc.Ua.DiscoveryServer.exe
Product: OPC UA SDK
Description: Opc.Ua.DiscoveryServer
File Version: 1.01.331.0
Product Version: 1.01.331.0
Copyright: Copyright © 2004-2011 OPC Foundation, Inc
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\Drivers\CH341S64.SYS ========================
C:\WINDOWS\System32\Drivers\CH341S64.SYS
File not signed
MD5: 3C0A1B6F538E00F318C109F4A3F29515
Creation and modification date: 2015-02-06 07:39 - 2015-02-06 07:39
Size: 000059904
Attributes: ----A
Company Name: http://www.winchiphead.com
Internal Name: CH341SER
Original Name: CH341SER
Product: CH341SER.SYS
Description: WDM_64 for CH341 serial, by W.ch
File Version: 3.40 built by: WinDDK
Product Version: 3.40
Copyright: Copyright (C) W.ch 2001-2014
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\drivers\cysmb.sys ========================
C:\WINDOWS\System32\drivers\cysmb.sys
File not signed
MD5: E12939C6D28957C960494DE2EEE30649
Creation and modification date: 2016-06-26 11:18 - 2016-06-26 11:18
Size: 000010752
Attributes: ----A
Company Name: Cypress Semiconductor, Inc.
Internal Name: CySmb.sys
Original Name: CySmb.sys
Product: Cypress Trackpad
Description: Trackpad Driver
File Version: 2.5.1.72
Product Version: 2.5.1.72
Copyright: Copyright (C) Cypress Semiconductor, Inc. (2015)
VirusTotal: 0
====== End of File: ======
========================= File: C:\Windows\System32\Drivers\dpmcslv.sys ========================
C:\Windows\System32\Drivers\dpmcslv.sys
File not signed
MD5: 0BD72E62C3974C4F5E4372DBA971901B
Creation and modification date: 2005-07-04 16:04 - 2005-07-04 16:04
Size: 000068280
Attributes: ----A
Company Name: Siemens AG
Internal Name: dpmcslv
Original Name: dpmcslv.sys
Product: SIMATIC NET
Description: PROFIBUS DP-Slave-Driver
File Version: V 6.0.3.3228
Product Version: V 5.2.0.2304
Copyright: Copyright © 2002 SIEMENS AG
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\drivers\VClone.sys ========================
C:\WINDOWS\System32\drivers\VClone.sys
File not signed
MD5: F257A2737280F0076EAE3AB489C06474
Creation and modification date: 2014-05-03 18:53 - 2014-05-03 18:53
Size: 000034816
Attributes: ----A
Company Name: Elaborate Bytes AG
Internal Name: ElbyVCD
Original Name: ElbyVCD.sys
Product: Virtual CloneDrive
Description: Virtual CloneDrive storage miniport
File Version: 5.4.7.1
Product Version: 5.4.7.1
Copyright: Copyright © 2002 - 2014 Elaborate Bytes AG
VirusTotal: 0
====== End of File: ======
========= dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default" =========
Systém nemůže nalézt uvedenou cestu.
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQVPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQUPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQTPQWQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQTPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQSPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQsclpQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQsclpQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQRPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQrgWsQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQQPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQQorpWsfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQcsabWsfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQcsabcwfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQ_lcsQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24525669 B
Java, Flash, Steam htmlcache => 244027168 B
Windows/system/drivers => 517714 B
Edge => 1217527 B
Chrome => 520646984 B
Firefox => 14606449 B
Opera => 30396436 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7680 B
LocalService => 0 B
NetworkService => 7680 B
NetworkService => 0 B
ruzicka => 4910795 B
ruzicka.INELSEV => 18332 B
RecycleBin => 20463551 B
EmptyTemp: => 831.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:26:19 ====