
Preventive check

You don't have any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Preventive check

#1 Post by T72 »

Thank you in advance.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2019-07-08 22:01:31
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 51 GB (32%) free of 160 GB
Total RAM: 3326 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:02:23, on 8.7.2019
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16845)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe" /S
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.8.0_111\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Action! service (ACTION_SVC) - Unknown owner - C:\Program Files\Mirillis\Action!\action_svc.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService.exe - Unknown owner - C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe

--
End of file - 4913 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@caminova.com/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955]
"Description"=RealJukebox Netscape Plugin
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675]
"Description"=6.0.12.1675
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\extensions\
trash

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-16 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-16 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [2018-11-19 242392]
"RivaTunerStartupDaemon"=D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe [2009-02-15 24576]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2017-05-16 1047000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.8.0_111\bin\jusched.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [2019-05-20 410920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2017-05-16 1047000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2016-06-24 2724896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.lhacm"=lhacm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FICV"=ficvdec_x86.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
"msacm.avis"=ff_acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - "D:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2019-07-08 22:01:31 ----D---- C:\rsit
2019-07-08 22:01:31 ----D---- C:\Program Files\trend micro
2019-07-08 10:22:47 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

======List of files/folders modified in the last 1 month======

2019-07-08 22:01:53 ----D---- C:\Windows\Prefetch
2019-07-08 22:01:31 ----D---- C:\Program Files
2019-07-08 22:01:28 ----D---- C:\Windows\temp
2019-07-08 21:58:10 ----SHD---- C:\System Volume Information
2019-07-08 21:51:39 ----D---- C:\ProgramData\NVIDIA
2019-07-08 10:22:47 ----D---- C:\Windows\system32\drivers
2019-07-08 10:22:47 ----D---- C:\Windows\inf
2019-07-07 21:44:03 ----D---- C:\Windows\system32\CatRoot2
2019-06-28 11:13:37 ----D---- C:\Users\PC\AppData\Roaming\vlc
2019-06-25 20:27:04 ----D---- C:\Windows\System32
2019-06-25 20:27:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-06-20 20:58:11 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-11-19 165384]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-11-19 284256]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-11-19 57904]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-11-19 72800]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-11-19 310200]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-10-29 721904]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-11-19 167480]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-11-19 188976]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-11-27 183176]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-11-19 40688]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2018-11-19 70640]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-05-25 784552]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-05-25 397984]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-01-18 135200]
R3 aswStmXP;aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [2018-11-19 146584]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-26 8939296]
R3 RivaTuner32;RivaTuner32; \??\D:\Program Files\RivaTuner v2.23\RivaTuner32.sys [2009-02-15 9088]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 ajxtjze7;ajxtjze7; C:\Windows\system32\drivers\ajxtjze7.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-11-19 42736]
S3 cpuz138;cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-03-18 26168]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-03-18 40504]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-12-09 16608]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-27 2149912]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2019-07-08 221112]
S3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-11-18 65312]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2018-11-19 324000]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [2017-07-26 155848]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2016-06-24 506912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [2018-11-19 6799632]
R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 WsAppService;Wondershare Application Framework Service; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [2015-12-02 382464]
S3 ACTION_SVC;Action! service; C:\Program Files\Mirillis\Action!\action_svc.exe [2014-10-25 16064]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-26 174032]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2016-11-29 25808]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-11-29 45752]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check

#2 Post by Conder »

Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Re: Preventive check

#3 Post by T72 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-09-2019
# Duration: 00:00:01
# OS: Windows Vista (TM) Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1578 octets] - [12/03/2019 18:17:17]
AdwCleaner[C00].txt - [1650 octets] - [12/03/2019 18:23:14]
AdwCleaner[S01].txt - [1388 octets] - [05/04/2019 10:53:56]
AdwCleaner[S02].txt - [1449 octets] - [09/07/2019 21:42:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check

#4 Post by Conder »

Please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Re: Preventive check

#5 Post by T72 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-07-2019
Ran by PC (administrator) on PC-PC (Gigabyte Technology Co., Ltd. EP43-S3L) (10-07-2019 22:42:32)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(DivX, LLC -> DivX, LLC) C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Wondershare) [File not signed] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242392 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RivaTunerStartupDaemon] => D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe [24576 2009-02-15] () [File not signed]
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-05-16] (DivX, LLC -> DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_111\bin\jusched.exe"
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-20] (Google Inc -> Google LLC)
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\system32\lhacm.acm [34064 2009-12-17] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-22] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-22] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-22] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [497664 2009-08-11] () [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [85504 2010-03-03] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\system32\ff_acm.acm [50688 2010-03-03] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {046A6AE2-1C64-4561-9D98-B12E762EABDA} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-05-01] (DivX, LLC -> DivX, LLC)
Task: {0829CD53-0534-47C9-9AFD-3DE883BE933A} - System32\Tasks\SmartGameBooster SkipUAC (PC) => C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe
Task: {11D357C0-81D5-4132-9558-4869B087009E} - System32\Tasks\{62075FDE-F6E7-43CC-8560-DAEE75BFC683} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\Res\Campaigns\Odinštaluj_AMBER.exe"
Task: {1E56D88D-BF59-4044-8755-C8DE7EC5F33E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1484727336-25265518-3277325258-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {1F3FB82C-776F-46B1-AA2C-898047879E6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {270F2322-A9A7-4548-824E-2AC94D116595} - System32\Tasks\avastBCLRestartS-1-5-21-1484727336-25265518-3277325258-1000 => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {36B06E59-5C8E-4EC9-8716-02341BF7084E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [1319936 2017-12-02] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed]
Task: {3F20B811-0C82-4BB5-BC1C-40B6D888D617} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1484727336-25265518-3277325258-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {4FCDEFAE-1386-4A91-ABA7-730F2C3BB8B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {54AF73CD-EBA7-4CE9-8C96-D792EEBCA1E7} - System32\Tasks\{F1B89C98-40FC-47E1-92A4-0F01F7EDA2AA} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\UnInstallResistance.exe" -d "D:\Program Files\Codemasters\OperationFlashpoint"
Task: {685DE5AD-A835-4126-A5E9-FA53ADD5DC3E} - System32\Tasks\{39D37DCE-0784-47DB-B103-8C81C2AC3A30} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\uninstall.exe"
Task: {7622A908-B0A9-442B-9FF1-FB6AA465E283} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {769B6F9D-0E17-4F27-BCC4-A524DE498731} - System32\Tasks\{EDFBB81C-F8A6-4E33-A647-14217CA8F33E} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\FlashpointResistance.exe" -d "D:\Program Files\Codemasters\OperationFlashpoint"
Task: {77E3607A-FBF2-4935-93E8-F7E63821A423} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2762968 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {7A184586-85A8-4D07-BAA0-B86481797BAA} - System32\Tasks\AdobeAAMUpdater-1.0-PC-PC-PC => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7AC95EB9-BB3C-425A-A37F-594927169AF3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A7E3EBE-DF34-4AE2-B4FA-D0F9EF16B4D1} - System32\Tasks\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} => C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Torpark.exe" -d "C:\Users\PC\Desktop\Torpark 2.0.0.3a"
Task: {A96DC445-0312-4C5F-A1CB-1E870D5D7E81} - System32\Tasks\Opera scheduled Autoupdate 1379165523 => C:\Program Files\Opera\launcher.exe [695816 2016-08-05] (Opera Software ASA -> Opera Software)
Task: {C8D68626-3C96-42FC-B6A8-29F53CC89CBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-11] (Piriform Ltd -> Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B19EC0B2-43B3-4952-AFBD-6CF03A6FDE28}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C51ECA95-90CD-4287-8E92-25866C0571FB}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-16] (Oracle America, Inc. -> Oracle Corporation)
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592 [2019-07-08]
FF Homepage: Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\sp@avast.com.xpi [2018-12-21] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (TinEye Reverse Image Search) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\tineye@ideeinc.com.xpi [2018-10-06]
FF Extension: (Avast Online Security) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\wrc@avast.com.xpi [2018-11-21] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (NoSquint Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\zoomlevelplus@zoomlevelplus.net.xpi [2017-11-11]
FF Extension: (No Name) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-23]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\features\{12cf5cda-f50f-44cb-bdeb-d983964af7bc}\hotfix-bug-1548973@mozilla.org.xpi [2019-06-03] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-04] (Adobe Systems Incorporated -> ) [File not signed]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @caminova.com/DjVuPlugin -> C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll [2013-06-03] (Caminova, Inc. -> Caminova, Inc.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-05-15] (DivX, LLC -> DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin: @real.com/nppl3260;version=6.0.11.2897 -> D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2009-09-13] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2955 -> D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-09-13] (RealNetworks, Inc.) [File not signed]
FF Plugin: @real.com/nprpjplug;version=6.0.12.1675 -> D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2009-09-13] (RealNetworks, Inc.) [File not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-07-09]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-03-15]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2016-07-14]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-11]
CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx [2016-06-24]
StartMenuInternet: Google Chrome.434FZJ5JWZ52LJLD7DSFOJOJHM - C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxp://seznam.cz/"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACTION_SVC; C:\Program Files\Mirillis\Action!\action_svc.exe [16064 2014-10-25] (Mirillis -> )
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6799632 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [324000 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4430792 2017-08-07] (Malwarebytes Corporation -> Malwarebytes)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation -> Sony Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-11-27] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784552 2019-05-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397984 2019-05-25] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-03-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-03-18] (Disc Soft Ltd -> Disc Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2009-12-09] (GIGABYTE UNITED INC. -> Windows (R) 2000 DDK provider)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65312 2017-11-18] (Malwarebytes Corporation -> Malwarebytes)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Microsoft Windows -> Společnost Microsoft)
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
R3 RivaTuner32; D:\Program Files\RivaTuner v2.23\RivaTuner32.sys [9088 2009-02-15] () [File not signed]
R3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [118784 2008-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [86824 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [15016 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [114728 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [106208 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) [File not signed]
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [26024 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [109864 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-10-29] () [File not signed]
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
U3 a6h68nrk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-10 22:42 - 2019-07-10 22:43 - 000026275 _____ C:\Users\PC\Desktop\FRST.txt
2019-07-10 22:41 - 2019-07-10 22:42 - 000000000 ____D C:\FRST
2019-07-10 22:41 - 2019-07-10 22:41 - 001446912 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2019-07-09 21:40 - 2019-07-09 21:41 - 007025360 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.3.exe
2019-07-08 22:01 - 2019-07-08 22:02 - 000000000 ____D C:\rsit
2019-07-08 22:01 - 2019-07-08 22:02 - 000000000 ____D C:\Program Files\trend micro
2019-07-08 22:01 - 2019-07-08 22:01 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
2019-07-08 10:22 - 2019-07-08 10:22 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-30 15:22 - 2019-06-30 15:22 - 000194558 _____ C:\Users\PC\Downloads\Vypis z uctu.pdf
2019-06-28 11:22 - 2019-06-28 11:22 - 000060787 _____ C:\Users\PC\Downloads\cernobyl-1-5.srt
2019-06-28 11:05 - 2019-06-28 11:05 - 000006364 _____ C:\Users\PC\Downloads\05 - Černobyl.srt
2019-06-25 17:42 - 2019-06-25 20:02 - 1541881072 _____ C:\Users\PC\Downloads\Černobyl S01E05 TVRip 1080i CZdab.avi
2019-06-13 17:47 - 2019-06-13 20:33 - 1832850368 _____ C:\Users\PC\Downloads\Černobyl 4.díl -CZ dab..avi
2019-06-12 11:03 - 2019-06-12 11:04 - 000022528 _____ C:\Users\PC\Downloads\zařízení byt.31.xls

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-10 21:44 - 2018-07-17 15:14 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2019-07-10 21:42 - 2009-05-20 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-10 21:42 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-10 21:42 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-10 21:42 - 2006-11-02 14:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-09 21:53 - 2006-11-02 15:01 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-08 10:22 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2019-07-08 09:40 - 2016-11-17 23:11 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2019-06-28 11:13 - 2013-10-30 15:44 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2019-06-25 20:27 - 2008-01-21 08:47 - 001532794 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-25 20:27 - 2008-01-21 08:46 - 000645070 _____ C:\Windows\system32\perfh005.dat
2019-06-25 20:27 - 2008-01-21 08:46 - 000137740 _____ C:\Windows\system32\perfc005.dat
2019-06-13 22:15 - 2009-06-27 20:44 - 000235008 _____ C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories ================

2011-05-23 19:10 - 2012-09-06 10:52 - 000000132 _____ () C:\Users\PC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-04-13 13:47 - 2012-09-06 12:41 - 000114688 _____ () C:\Users\PC\AppData\Roaming\fontdb.mdb
2013-12-06 16:57 - 2016-02-04 21:35 - 000087608 _____ () C:\Users\PC\AppData\Roaming\inst.exe
2012-02-14 16:51 - 2016-02-04 21:35 - 000007887 _____ () C:\Users\PC\AppData\Roaming\pcouffin.cat
2012-02-14 16:51 - 2016-02-04 21:35 - 000001144 _____ () C:\Users\PC\AppData\Roaming\pcouffin.inf
2012-02-14 16:51 - 2016-02-04 21:35 - 000000055 _____ () C:\Users\PC\AppData\Roaming\pcouffin.log
2012-02-14 16:51 - 2016-02-04 21:35 - 000047360 _____ (VSO Software) C:\Users\PC\AppData\Roaming\pcouffin.sys
2009-05-20 18:43 - 2019-05-16 21:23 - 000007916 _____ () C:\Users\PC\AppData\Local\d3d9caps.dat
2009-06-27 20:44 - 2019-06-13 22:15 - 000235008 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-10 21:48
==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-07-2019
Ran by PC (10-07-2019 22:43:51)
Running from C:\Users\PC\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-05-20 15:42:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1484727336-25265518-3277325258-500 - Administrator - Disabled)
Guest (S-1-5-21-1484727336-25265518-3277325258-501 - Limited - Disabled)
PC (S-1-5-21-1484727336-25265518-3277325258-1000 - Administrator - Enabled) => C:\Users\PC
UpdatusUser (S-1-5-21-1484727336-25265518-3277325258-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{C01175B6-6575-4526-A55B-2BC2F10BA083}) (Version: 2.7.2.4 - Intel) Hidden
4K Video Downloader 3.4 (HKLM\...\4K Video Downloader_is1) (Version: 3.4.0.1400 - Open Media LLC)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Addon-y (HKLM\...\Addon-y) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Allavsoft 3.11.7.6009 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
ARMA 2 Operation Arrowhead Uninstall (HKLM\...\ARMA 2 Operation Arrowhead) (Version: - )
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version: - )
Arma Cold War Assault Uninstall (HKLM\...\Arma Cold War Assault) (Version: - )
ArmA Edit (HKLM\...\{6997644B-5E1C-453A-82E8-7DBAA4DD41F9}) (Version: 1.3.4000 - CHSoftware)
ArmA Uninstall (HKLM\...\ArmA) (Version: - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
BINview (HKLM\...\BINview) (Version: 1.0 - the Chain of Command)
Brain Workshop 4.8.4 (HKLM\...\Brain Workshop_is1) (Version: 4.8.4 - Paul Hoskinson & Jonathan Toomim)
calibre (HKLM\...\{5E07DBE4-E35F-4FF5-9944-0CA6D0A2704C}) (Version: 3.9.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CoreAAC Audio Decoder (remove only) (HKLM\...\CoreAAC Audio Decoder) (Version: - )
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.0.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
Document Express DjVu Plug-in (HKLM\...\{2E8C03EC-E09F-4868-A4AC-02B9285D3E09}) (Version: 6.1.31831 - Caminova, Inc.)
Dropbox (HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ffdshow [rev 3299] [2010-03-03] (HKLM\...\ffdshow_is1) (Version: 1.0.0.3299 - )
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Deskjet 3540 series Nápověda (HKLM\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ImageMagick 6.9.3-0 Q16 (32-bit) (2016-01-02) (HKLM\...\ImageMagick 6.9.3 Q16 (32-bit)_is1) (Version: 6.9.3 - ImageMagick Studio LLC)
InfraRecorder (HKLM\...\InfraRecorder) (Version: - Christian Kindahl)
Intel® Driver Update Utility (HKLM\...\{954190cd-c66c-4650-bd15-f3dd85f2ae15}) (Version: 2.7.2.4 - Intel)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Codec Pack 6.9.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.9.0 - )
KProbe 2.5.2 (HKLM\...\KProbe) (Version: - )
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MergeModule_x86 (HKLM\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.6 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51029}) (Version: 7.03.0920 - Nero AG)
NETCommOCX (HKLM\...\NETCommOCX) (Version: - )
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Obaly (HKLM\...\Obaly) (Version: - )
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
Operation Flashpoint uninstall (HKLM\...\Operation Flashpoint) (Version: - )
Ovládací panel NVIDIA 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.06 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayMemories Home (HKLM\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.2.01.06240 - Sony Corporation)
PMB_ModeEditor (HKLM\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.2.01 - Sony Corporation) Hidden
PSPad editor (HKLM\...\PSPad editor_is1) (Version: - Jan Fiala)
Qualcomm USB Drivers For Windows (HKLM\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Real Alternative 1.7.5 (HKLM\...\RealAlt_is1) (Version: 1.7.5 - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner v2.23 (HKLM\...\RivaTuner) (Version: v2.23 - Alexey Nicolaychuk)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype™ 7.36 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.150 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{E5F05232-96B6-4552-A480-785A60A94B21}) (Version: 5.0.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TmNationsForever Update 2010-03-15 (HKLM\...\TmNationsForever_is1) (Version: - Nadeo)
TopStyle Lite (Version 3) (HKLM\...\TopStyle Lite (Version 3.0)) (Version: - )
TopStyle Lite (Version 3) (HKLM\...\TSLite3_is1) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.33 - VSO-Software SARL)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
winSPMBT (HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\winSPMBT) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{F7CDA8AA-403B-4520-84C4-224C7438D66C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) [File not signed]
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} -> [] => 0
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{47E792CF-0BBE-4F7A-859C-194B0768650A}\InprocServer32 -> D:\Program Files\K-Lite Codec Pack\Filters\FLVSplitter.ax (MPC-HC Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\PC\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\psuser.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.23\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D1FE6762-FC48-11D0-883A-3C8B00C10000}\InprocServer32 -> C:\Windows\system32\Dxtrans.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> D:\Program Files\K-Lite Codec Pack\Filters\MP4Splitter.ax (MPC-HC Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.11\psuser.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> C:\Windows\system32\ieframe.dll (Microsoft Windows -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-01] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-01] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => D:\Program Files\PSPad editor\PSPadShell.dll [2008-03-30] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1484727336-25265518-3277325258-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1484727336-25265518-3277325258-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1484727336-25265518-3277325258-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\PC\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Setup.lnk -> D:\XAMPP\xampp\xampp_setup.bat (No File)
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Shell.lnk -> D:\XAMPP\xampp\xampp_shell.bat ()
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Uninstall.lnk -> D:\XAMPP\xampp\uninstall_xampp.bat ()
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2017-01-02 14:27 - 2017-01-02 14:27 - 048936448 _____ () [File not signed] C:\Program Files\Alwil Software\Avast5\libcef.dll
2017-04-16 20:23 - 2017-04-16 20:23 - 000010752 _____ () [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\libEGL.dll
2017-04-16 20:23 - 2017-04-16 20:23 - 001293824 _____ () [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\libGLESv2.dll
2010-11-29 15:39 - 2008-03-30 16:22 - 000070144 _____ () [File not signed] D:\Program Files\PSPad editor\PSPadShell.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000336352 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\arPot.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000388464 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswArray.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000539336 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswCleanerDLL.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000507264 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswCmnBS.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000428720 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswCmnIS.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000156560 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswCmnOS.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 001601736 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswEngin.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000617296 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswFiDb.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000423600 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\aswRep.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 004676416 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\bcuengine.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 002058264 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\swhealthex2.dll
2019-07-10 21:45 - 2019-07-10 21:45 - 000065144 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19071008\uiExt.dll
2018-10-19 21:34 - 2018-10-19 21:34 - 002387776 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libcrypto-1_1.dll
2018-10-19 21:34 - 2018-10-19 21:34 - 000512832 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libssl-1_1.dll
2009-11-10 21:22 - 2008-02-05 21:00 - 000216064 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM8R.DLL
2016-10-04 21:12 - 2016-10-04 21:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2003-03-18 20:12 - 2003-03-18 20:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
2015-12-21 14:44 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files\Wondershare\WAF\2.1.5.0\Newtonsoft.Json.dll
2017-04-16 20:40 - 2017-04-16 20:40 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\plugins\imageformats\qgif.dll
2017-04-16 20:40 - 2017-04-16 20:40 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\plugins\imageformats\qico.dll
2017-04-16 20:40 - 2017-04-16 20:40 - 000243200 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\plugins\imageformats\qjpeg.dll
2017-04-16 20:41 - 2017-04-16 20:41 - 000313856 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\plugins\imageformats\qtiff.dll
2017-04-16 20:40 - 2017-04-16 20:40 - 000986624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\plugins\platforms\qwindows.dll
2017-04-16 20:17 - 2017-04-16 20:17 - 004209152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Core.dll
2017-04-16 20:27 - 2017-04-16 20:27 - 003670528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Gui.dll
2017-04-16 21:17 - 2017-04-16 21:17 - 000577536 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Multimedia.dll
2017-04-16 21:19 - 2017-04-16 21:19 - 000082944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5MultimediaWidgets.dll
2017-04-16 20:19 - 2017-04-16 20:19 - 001874432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Network.dll
2017-04-16 20:37 - 2017-04-16 20:37 - 000262656 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5OpenGL.dll
2017-04-16 20:37 - 2017-04-16 20:37 - 000268288 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5PrintSupport.dll
2017-04-16 20:52 - 2017-04-16 20:52 - 002497024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Qml.dll
2017-04-16 21:01 - 2017-04-16 21:01 - 002570752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Quick.dll
2017-04-16 20:20 - 2017-04-16 20:20 - 000154624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Sql.dll
2017-04-16 21:15 - 2017-04-16 21:15 - 000083456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5WebChannel.dll
2017-04-17 00:04 - 2017-04-17 00:04 - 017364992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5WebKit.dll
2017-04-17 00:06 - 2017-04-17 00:06 - 000198144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5WebKitWidgets.dll
2017-04-16 20:35 - 2017-04-16 20:35 - 004481024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Common Files\DivX Shared\Qt5.6\Qt5Widgets.dll
2015-12-21 14:44 - 2015-12-02 10:52 - 000072704 _____ (Wondershare) [File not signed] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppCollect.dll
2015-12-21 14:44 - 2015-12-02 10:52 - 000315904 _____ (Wondershare) [File not signed] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppCommon.dll
2015-12-21 14:44 - 2015-12-02 10:52 - 000382464 _____ (Wondershare) [File not signed] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1042]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2019-07-10 21:43 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;D:\Program Files\ImageMagick-6.9.3-Q16;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Caminova\Document Express DjVu Plug-in\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Windows Live\Shared;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Skype\Phone\;C:\Program Files\Calibre2\
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E17FB9AF-EB67-49B6-9B17-7B73AAFFE139}D:\xampp\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{17BC7D07-563F-4633-8012-13C199FD24DF}D:\xampp\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{FAFB15F0-61AE-4CF7-872B-4DA80DC10098}D:\xampp\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\xampp\mysql\bin\mysqld.exe () [File not signed]
FirewallRules: [UDP Query User{C94E4086-A74F-41E8-8F6D-8243F8F2748F}D:\xampp\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\xampp\mysql\bin\mysqld.exe () [File not signed]
FirewallRules: [TCP Query User{A4A9C9A0-E985-41D2-9CAE-BE41A9AD0C7E}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{FC570EE8-8B7A-47B1-A775-745F62E6160D}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{7D03793F-72F7-467B-9BC8-72AFB7500505}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [UDP Query User{886E4967-2D58-4634-88B3-CEBA8462557C}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [TCP Query User{0F529481-D922-4810-85F1-2A3159A8EB72}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) [File not signed]
FirewallRules: [UDP Query User{92B3155C-522C-4EBF-A15E-BDF6029A6BB9}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) [File not signed]
FirewallRules: [TCP Query User{14CB1993-D959-4081-94CF-06D1935FE88D}D:\xampp\xampp\filezillaftp\filezilla server.exe] => (Block) D:\xampp\xampp\filezillaftp\filezilla server.exe (FileZilla Project) [File not signed]
FirewallRules: [UDP Query User{F1C26B0C-ECD4-44FC-AD34-B70940A7704B}D:\xampp\xampp\filezillaftp\filezilla server.exe] => (Block) D:\xampp\xampp\filezillaftp\filezilla server.exe (FileZilla Project) [File not signed]
FirewallRules: [{BA87F8EC-D2D0-4BB9-9163-04A3918A4353}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) [File not signed]
FirewallRules: [TCP Query User{62221B08-B99B-48AE-850A-5DB9A52738D7}D:\program files\real\realplayer\realplay.exe] => (Block) D:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [UDP Query User{9B66585A-FCE0-49BC-8504-977A0CC9E232}D:\program files\real\realplayer\realplay.exe] => (Block) D:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{21A7FBB6-3472-4208-8676-6ACF69EA8264}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D105A5D-62FE-41FD-ACAF-D01E7E33042A}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9DBC5699-EFD0-48D7-9203-870CF5B1113C}D:\program files\tmnationsforever\tmforever.exe] => (Allow) D:\program files\tmnationsforever\tmforever.exe () [File not signed]
FirewallRules: [UDP Query User{83FC7FE4-E59E-43B0-B8DB-BC602BFA55B3}D:\program files\tmnationsforever\tmforever.exe] => (Allow) D:\program files\tmnationsforever\tmforever.exe () [File not signed]
FirewallRules: [{46BBA9BD-2FB1-4A08-8AEE-40C5BF079998}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{949A077A-E895-4842-BF5D-BB7A66ED7C24}] => (Allow) LPort=2869
FirewallRules: [{A3CDEE69-F1BE-44D8-9D2D-6CA293C5CEF4}] => (Allow) LPort=1900
FirewallRules: [{939C6C33-5565-4352-AC77-16438A25F39D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D3DF2035-151D-436A-9447-62546E002223}] => (Allow) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
FirewallRules: [{41CF11D5-8742-4C90-BE20-AF1A6EA26F6F}] => (Allow) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
FirewallRules: [TCP Query User{E6EC16E3-C124-478B-8EA0-8330AD27233E}D:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) D:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{97DF6132-F492-4FC1-8628-6B300072C762}D:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) D:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{83A78EE8-7F76-4AF2-921A-B5DB4CC367C6}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{66E6454E-CE17-463D-9FF5-D3D86245C63E}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{474FBF13-6135-4123-A819-98CEAEB616AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A65D4646-86F4-4ACC-8618-C7EF340A917F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{93C34727-135E-469A-9825-05923AD48B3E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{7D0E173B-9F7E-45B4-83E7-D45576DEB39C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F87F793-EEC3-4728-8386-98185A0E936E}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{378D0D27-0513-4924-8C64-A8C4B1245912}] => (Allow) LPort=5357
FirewallRules: [{09FD880E-3B7E-4173-ACB2-D936CBCAB1AB}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{87943284-8B5A-48D5-97EF-0A1502DE594A}] => (Allow) C:\Windows\System32\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{906360CD-39B1-46AA-B84D-314DD05A9CF7}] => (Allow) C:\Windows\System32\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{BB887E72-E460-4771-A05F-FC90CB6FE692}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{99B430B3-0B22-4642-9CAD-877E4AE93C6B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3ACF8D87-62E1-4EF1-8331-EC8C9FD44AC2}] => (Allow) D:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe No File
FirewallRules: [{2FBE9944-D4D6-45BC-812C-608DB64412F6}] => (Allow) D:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe No File
FirewallRules: [TCP Query User{0AA671B6-CA8B-4740-8BAC-585FB01567C9}D:\bohemia interactive\arma2server.exe] => (Block) D:\bohemia interactive\arma2server.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [UDP Query User{2666A5C4-1C7D-4BFB-A5B5-5571CBE84823}D:\bohemia interactive\arma2server.exe] => (Block) D:\bohemia interactive\arma2server.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{ED388C26-2BD8-4B16-817B-8431F9D10F00}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault.exe (Bohemia Interactive a.s. -> ) [File not signed]
FirewallRules: [{16651456-26E6-4B71-B405-B2472B21FD99}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault.exe (Bohemia Interactive a.s. -> ) [File not signed]
FirewallRules: [{7891FB91-B6C6-4DED-9B27-36E23C881702}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault_Server.exe () [File not signed]
FirewallRules: [{B073C922-2B77-4900-8125-7C507E4169F6}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault_Server.exe () [File not signed]
FirewallRules: [{178EE005-D2A0-489A-9ED0-A92521F42C20}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3BD1\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7BB17FC8-45BA-4A10-AD4D-BC5FDD7384CD}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3BD1\HPDiagnosticCoreUI.exe No File
FirewallRules: [{80CC9BDB-DC99-44B1-98E6-F27233A34D9E}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3DAE\HPDiagnosticCoreUI.exe No File
FirewallRules: [{9408AA15-5F02-40A5-BBA4-E16A745F68B1}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3DAE\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{D8EB0E8D-B32F-4180-9406-CFB8A199FA77}D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe] => (Allow) D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe (Bohemia Interactive a.s. -> ) [File not signed]
FirewallRules: [UDP Query User{8326C5D8-CA23-404F-A456-AB838256E783}D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe] => (Allow) D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe (Bohemia Interactive a.s. -> ) [File not signed]
FirewallRules: [TCP Query User{D4CC99CA-555D-48A4-AEAC-B44EB58DC553}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [UDP Query User{2F8ED82A-7853-428F-B5AE-AD1B12D76F2E}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{74965551-4C11-49CA-8E9A-8EEE87A3845A}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS259F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{60471B26-7D84-4854-8E55-8BF408842EEA}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS259F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7DDFBEC5-51BF-4FDA-BA04-0DD9A1702544}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3E13\HPDiagnosticCoreUI.exe No File
FirewallRules: [{472E7302-96F3-40F6-AF32-AD3A42814ABF}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3E13\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E0793C8D-71F9-47BF-857E-5474B0314A1C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{787571E1-4176-4810-9FEC-E1C46B029249}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{251BB831-2690-4C28-93D6-C2524DDE947D}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4853345F-71A8-410D-ADC3-21CA7099B559}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{1A8ABFBC-51E4-4A2F-93BF-2844DE9B62A2}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{DC309332-3349-4B11-8B72-5E27FF324DDF}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{CE2802F0-2ACB-4307-99C6-D03BA877046C}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe (DivX, LLC -> DivX, LLC)
FirewallRules: [UDP Query User{F73CEFFD-4384-4161-BCCF-0177361CB15B}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe (DivX, LLC -> DivX, LLC)

==================== Restore Points =========================

23-06-2019 19:48:59 Naplánovaný kontrolní bod
09-07-2019 21:22:19 Naplánovaný kontrolní bod
10-07-2019 22:31:16 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: AW2UU4ZC IDE Controller
Description: AW2UU4ZC IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a6h68nrk
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2019 09:43:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/09/2019 09:45:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/09/2019 09:35:24 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\PC\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\PEPPER DATA\SHOCKWAVE FLASH\WRITABLEROOT\#SHAREDOBJECTS\Y7GAFQ24\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (07/09/2019 07:28:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/09/2019 09:31:46 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\PC\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\PEPPER DATA\SHOCKWAVE FLASH\WRITABLEROOT\#SHAREDOBJECTS\72BEXJL9\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (07/09/2019 09:31:39 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\PC\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\PEPPER DATA\SHOCKWAVE FLASH\WRITABLEROOT\#SHAREDOBJECTS\DXAKAUH3\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (07/09/2019 09:14:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PEPPER DATA\SHOCKWAVE FLASH\WRITABLEROOT\#SHAREDOBJECTS\YT3H98BE\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (07/09/2019 08:56:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (07/10/2019 10:42:37 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Zapůjčení adresy IP 192.168.1.102 pro síťovou kartu s adresou 001FD099EE00 byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (07/10/2019 09:46:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (07/10/2019 09:46:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/10/2019 09:43:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (07/09/2019 09:47:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (07/09/2019 09:47:11 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/09/2019 09:45:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (07/09/2019 09:43:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Licencování softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2019-07-10 22:43:25.538
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-10 22:43:25.070
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-10 22:43:24.602
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-10 22:43:24.134
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-08 22:02:22.285
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-08 22:02:21.802
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-08 22:02:21.349
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-07-08 22:02:20.850
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7 08/15/2008
Motherboard: Gigabyte Technology Co., Ltd. EP43-S3L
Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 69%
Total physical RAM: 3325.58 MB
Available physical RAM: 1022.91 MB
Total Virtual: 6876.13 MB
Available Virtual: 4994.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:156.25 GB) (Free:46.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:439.92 GB) (Free:388.39 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 505FDA6B)
Partition 1: (Active) - (Size=156.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C01175B6-6575-4526-A55B-2BC2F10BA083}
    Folder: C:\Program Files\PCGameBoost
    
    Task: {0829CD53-0534-47C9-9AFD-3DE883BE933A} - System32\Tasks\SmartGameBooster SkipUAC (PC) => C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe
    Task: {9A7E3EBE-DF34-4AE2-B4FA-D0F9EF16B4D1} - System32\Tasks\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} => C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Torpark.exe" -d "C:\Users\PC\Desktop\Torpark 2.0.0.3a"
    HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
    S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
    S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
    S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
    U3 a6h68nrk; no ImagePath
    2019-07-08 22:01 - 2019-07-08 22:02 - 000000000 ____D C:\rsit
    2019-07-08 22:01 - 2019-07-08 22:02 - 000000000 ____D C:\Program Files\trend micro
    2019-07-08 22:01 - 2019-07-08 22:01 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\PC\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.23\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> no filepath
    AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1042]
    C:\Program Files\PCGameBoost
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will request a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Re: Preventive check

#7 Post by T72 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 10-07-2019
Ran by PC (11-07-2019 21:48:27) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C01175B6-6575-4526-A55B-2BC2F10BA083}
Folder: C:\Program Files\PCGameBoost

Task: {0829CD53-0534-47C9-9AFD-3DE883BE933A} - System32\Tasks\SmartGameBooster SkipUAC (PC) => C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe
Task: {9A7E3EBE-DF34-4AE2-B4FA-D0F9EF16B4D1} - System32\Tasks\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} => C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Torpark.exe" -d "C:\Users\PC\Desktop\Torpark 2.0.0.3a"
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
U3 a6h68nrk; no ImagePath
2019-07-08 22:01 - 2019-07-08 22:02 - 000000000 ____D C:\rsit
2019-07-08 22:01 - 2019-07-08 22:02 - 000000000 ____D C:\Program Files\trend micro
2019-07-08 22:01 - 2019-07-08 22:01 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\PC\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.34.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.23\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> no filepath
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1042]
C:\Program Files\PCGameBoost

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 108
Average :
Sum : 65878933
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ========================

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File not signed
MD5: D02FBEEB3562C0594CB538384597BD45
Creation and modification date: 2015-10-06 15:56 - 2019-04-23 09:39
Size: 001244733
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/63818b0 ... 562171136/

====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C01175B6-6575-4526-A55B-2BC2F10BA083}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="2.7.2.4"
"HelpLink"="http://www.intel.com"
"HelpTelephone"=""
"InstallDate"="20170417"
"InstallLocation"=""
"InstallSource"="C:\ProgramData\Package Cache\{C01175B6-6575-4526-A55B-2BC2F10BA083}v2.7.2.4\"
"ModifyPath"="MsiExec.exe /X{C01175B6-6575-4526-A55B-2BC2F10BA083}"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Intel"
"Readme"=""
"Size"=""
"EstimatedSize"="5721"
"SystemComponent"="1"
"UninstallString"="MsiExec.exe /X{C01175B6-6575-4526-A55B-2BC2F10BA083}"
"URLInfoAbout"="http://www.intel.com"
"URLUpdateInfo"=""
"VersionMajor"="2"
"VersionMinor"="7"
"WindowsInstaller"="1"
"Version"="34013186"
"Language"="1033"
"DisplayName"=". . ."

=== End of ExportKey ===

========================= Folder: C:\Program Files\PCGameBoost ========================

not found.

====== End of Folder: ======

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0829CD53-0534-47C9-9AFD-3DE883BE933A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0829CD53-0534-47C9-9AFD-3DE883BE933A}" => removed successfully.
C:\Windows\System32\Tasks\SmartGameBooster SkipUAC (PC) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartGameBooster SkipUAC (PC)" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A7E3EBE-DF34-4AE2-B4FA-D0F9EF16B4D1}" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A7E3EBE-DF34-4AE2-B4FA-D0F9EF16B4D1} => removed successfully.
C:\Windows\System32\Tasks\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} => removed successfully.
"HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully.
HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully.
cpuz138 => service removed successfully.
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected
a6h68nrk => service not found.
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\PC\Downloads\RSIT.exe => moved successfully
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58} => removed successfully.
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58} => removed successfully.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully.
"C:\Program Files\PCGameBoost" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7020110 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 1478119 B
Edge => 0 B
Chrome => 2797834 B
Firefox => 11771602 B
Opera => 25437336 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
LocalService => 0 B
NetworkService => 0 B
PC => 562412 B
apache2triad => 0 B
apache2triad.PC-PC => 0 B
apache2triad.PC-PC.000 => 0 B
apache2triad.PC-PC.001 => 0 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 54.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-07-2019 21:50:35)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected

==== End of Fixlog 21:50:35 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check

#8 Post by Conder »

How is the PC doing? Are there any problems?

T72
Visitor
Posts: 78
Registered: 02 Nov 2011 18:31

Re: Preventive check

#9 Post by T72 »

Everything works as it should, thank you for your help.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check

#10 Post by Conder »

The logs look OK. So let's also clean up after the tools we used: