Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by m (06-02-2019 14:39:24)
Running from C:\Users\m\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVD43 v4.6.0 (HKLM-x32\...\DVD43_is1) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HOLMImpulse (HKLM\...\{97D1B7D2-4428-4B1A-B676-1C4AC877EC5B}) (Version: 01.04.0200 - HOLM Acoustics)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IPCameraSearchTool version 1.0.0.2 (HKLM-x32\...\{4EABBC6B-B00B-41E1-AA7E-88925CDA6BDE}_is1) (Version: 1.0.0.2 - NEO)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
iTV - televizní program 1.7.756 (HKLM-x32\...\iTV - televizní program_is1) (Version: - Milan Vyšata)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KiCad 4.0.5 (HKLM-x32\...\KiCad) (Version: 4.0.5 - KiCad)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM\...\{AAFA253A-08A9-46A8-AB30-B4C26E578424}) (Version: 2.6 - Lexicon) Hidden
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MP3 Speed Changer 3.01 (HKLM-x32\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.30 - NVIDIA Corporation) Hidden
P2P BLOW PC (HKLM-x32\...\{40EF2025-5FDE-4033-AE73-942CBBC2BAFE}) (Version: 3.0.2.6 - hi)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - Canon Inc.)
Room EQ Wizard 5.16 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.16 - John Mulcahy)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SFM 4 B2 Mouse Driver (HKLM-x32\...\{865865F2-6748-4710-99DC-5248204D8FD4}_is1) (Version: 1.0 - )
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.082 - Aten International Co., Ltd.)
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version: - )
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.40 - NCH Software)
web control version 3.0.4.0 (HKLM-x32\...\{3D8D219C-0362-457F-B847-2FC07C2BE520}_is1) (Version: 3.0.4.0 - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.5371 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version: - )
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2: [InCDShellExt] -> {09bffb91-ecda-4149-bcfd-d87a345c219e} => C:\Program Files\Nero\Tools\InCD\InCDshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers2-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C51C327-9E18-481E-8194-45FC00B1F650} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C996BD2-9C49-4A0F-B792-4E50A1F8D30A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {15819AD5-E153-4F8D-AB3F-D043A95E8890} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {543F12F2-DCA1-49D8-89A3-D49494B804DF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {5BC44BC8-277D-4534-A828-EC6BA64EE5B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {92C2D418-D10A-4430-B362-208E4FEC92E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A8C24962-0FF0-45FD-8362-252A11C00111} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B00FE2D2-28D4-4E0C-B79F-386DE6BC8099} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => c:\program files (x86)\opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C057EADB-886A-4CF5-978A-CC5D496CED3D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {CC4A4CC9-B09D-4644-9389-E6F4DC92729E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {E36B06F1-CC42-4603-99EB-2613FA943AF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2019-01-15] (Apple Inc. -> Apple Inc.)
Task: {F1752DA7-A09C-40AC-AE21-55E19174BA32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2014-11-04 21:23 - 2013-02-20 20:24 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-06 08:53 - 2019-02-06 08:53 - 006953616 _____ () C:\Program Files\AVAST Software\Avast\defs\19020506\algo64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2015-11-25 13:20 - 2011-04-11 06:26 - 000034304 _____ () C:\Windows\System32\spd__l.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-04-11 03:17 - 2017-04-11 03:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-01-04 19:54 - 2013-05-14 10:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-02-28 09:07 - 2012-02-28 09:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 002160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 012621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 002111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2017-01-31 22:23 - 2016-10-13 18:03 - 000071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 065771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 002129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2017-01-31 22:23 - 2016-10-13 16:36 - 000087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2014-10-23 20:19 - 2018-09-10 15:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-09 10:28 - 2018-05-14 17:58 - 000614400 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2016-10-31 21:23 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-31 21:23 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-31 21:23 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-31 21:23 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-17 17:36 - 2014-08-06 03:37 - 001203856 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2019-01-09 10:28 - 2018-06-15 09:11 - 000057344 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\lan.dll
2019-01-09 10:28 - 2018-05-05 17:26 - 000040960 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\KBHook.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-02-06 10:52 - 000000053 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\VDownloader
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [TCP Query User{4CB14BCD-F281-40DB-8244-27252D716E16}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [UDP Query User{BFEB0B56-1E32-4ABA-AFD9-C4F9DE4DAAC5}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{9763EE5A-4224-4C22-8580-019A896BD084}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{482391F7-5765-4453-A227-E962EAA3775E}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{E9CB7E75-A617-4692-A21A-EEB3D262C24E}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{979B30FB-1233-4A70-B73E-4D06E4267750}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{FF7F1723-77C8-4EAD-8F57-D5AC57A5B862}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{C90EE39F-A3A7-45A2-8BCB-AE5DDCE6EC43}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{DB8965D5-20DE-4C07-8B5E-CBDAAC621692}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.)
FirewallRules: [TCP Query User{C462EB39-23FE-453F-93E4-EE1F68AFF93B}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{9C96CCC4-DA6F-4B64-A52E-C237FF178C63}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{8758BCD8-75E3-4363-A89A-497F572C0A70}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{B1C0C7DC-5BB5-4966-9116-01E16198D1A0}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [{5C51827B-E6BE-46A9-9178-81B3F4C585CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0DBC307-3A18-4667-930E-962FE47E6B43}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CFD45019-6B43-416F-A72B-53BD0257AE48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C3F7E535-E896-4554-AD9A-32B4D49D5BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA08D84A-C7AE-4A3D-85A6-6E9A2555341D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F738F4B4-DD69-4F32-9FE6-83A00DC14AF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F2FDE267-D526-4B44-AAFD-9C4BC8DE7BD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{365C2984-9886-4DCE-84E8-DD0C25052502}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{4B0C1C79-A5E7-4C91-83DA-F90EF6B5DFF6}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F037DB64-4874-4CD8-BCD9-DE01D6532CF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{AF1C28C7-07F0-4635-A10A-F591363C6605}] => (Allow) c:\program files (x86)\opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C732C861-AA83-4321-87F3-376FBE461D61}] => (Allow) c:\program files (x86)\opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AB646575-766D-43DB-8D9F-6E84602A80F3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67B189C0-45C8-46F8-8C08-E17BA5471F2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A6746D53-8E30-4A4B-9708-94961D52283F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{B7F5A355-6827-4160-8C60-FAC4C100C774}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E09FC95-4BBB-40CD-8CD0-DF2640BBB68E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{821B8B2D-DF90-49BB-BA29-F741FE5CA62A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-12-2018 10:22:03 Naplánovaný kontrolní bod
04-01-2019 20:55:27 Naplánovaný kontrolní bod
11-01-2019 09:16:28 Installed Rapport
21-01-2019 09:34:10 Naplánovaný kontrolní bod
28-01-2019 10:59:27 Naplánovaný kontrolní bod
05-02-2019 09:24:41 Naplánovaný kontrolní bod
06-02-2019 13:30:12 Restore Point Created by FRST
06-02-2019 14:07:05 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2019 02:18:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 02:07:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {2cc58155-6a4a-4827-87ca-1a7f6e2d07e8}
Error: (02/06/2019 02:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 01:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2019 01:37:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 01:30:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {f1c74c4f-d971-4ef5-ac0c-bfec1e9fdae7}
Error: (02/06/2019 12:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2019 11:59:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (02/06/2019 02:20:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105
Error: (02/06/2019 02:19:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/06/2019 02:11:43 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Nelze spustit server DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Došlo k chybě:
%%5 = Přístup byl odepřen.
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (02/06/2019 02:07:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba InCD Helper byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2019 02:07:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2015-11-27 02:55:34.420
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1036,ProcessStart:130930626677479684;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:
Date: 2015-11-25 16:19:33.708
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1800,ProcessStart:130929380506725339;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:
Date: 2015-11-24 09:34:35.982
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;process:pid:1988,ProcessStart:130918761752753436
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-08-21 08:10:44.237
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll;file:C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll;file:C:\Program Files (x86)\MiuiTab\BrowserAction.dll;file:C:\Program Files (x86)\MiuiTab\conf;file:C:\Program Files (x86)\MiuiTab\defsearchp@gmail.com!1.0.0.1039.xpi;file:C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi;file:C:\Program Files (x86)\MiuiTab\IeWatchDog.dll;file:C:\Program Files (x86)\MiuiTab\install.data;file:C:\Program Files (x86)\MiuiTab\msvcp110.dll;file:C:\Program Files (x86)\MiuiTab\msvcr110.dll;file:C:\Program Files (x86)\MiuiTab\searchProvider.xml;file:C:\Program Files (x86)\MiuiTab\skin\about.png;file:C:\Program Files (x86)\MiuiTab\skin\about_bk.png;file:C:\Program Files (x86)\MiuiTab\skin\btn.png;file:C:\Program Files (x86)\MiuiTab\skin\btn_apply.png;file:C:\Program Files (x86)\MiuiTab\skin\close.png;file:C:\Program Files (x86)\MiuiTab\skin\conf.xml;file:C:\Program Files (x86)\MiuiTab\skin\conf_back.png;file:C:\Program Files (x86)\MiuiTab\skin\input_bk.png;file:C:\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-08-21 08:04:21.468
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\nWinManPron\ProtectWindowsManager.exe;process:pid:1436,ProcessStart:130845279859304763
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-04-22 12:57:49.182
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-12-27 18:27:08.665
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-27 18:27:08.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-27 18:26:22.818
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.506
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-21 20:32:02.312
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-21 20:32:02.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 71%
Total physical RAM: 8010.36 MB
Available physical RAM: 2310.64 MB
Total Virtual: 16018.88 MB
Available Virtual: 9895.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:261.4 GB) NTFS
\\?\Volume{de627543-639c-11e4-b131-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu záseky systému, kolečko nejde vypnout
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Vy tu stale davate jeden a ten isty log a neberiete vzretel moje postupy.
► Vyšla moja nová kniha BOTNETY! 
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
vždy nechám scanovat nově a kopíruji výsledek
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 4.02.2019
Ran by m (administrator) on M-PC (06-02-2019 14:58:33)
Running from C:\Users\m\Desktop
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Farbar) C:\Users\m\Desktop\FRST64(2).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-19] (WinZip)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [dvd43] => C:\Program Files (x86)\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM-x32\...\Run: [SFM 4 B2 Mouse Driver] => C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe [614400 2018-05-14] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10431176 2017-01-20] (Softdeluxe Ltd. -> FreeDownloadManager.org)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2017-05-17]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2016-09-17]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
Startup: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-07-25]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{464C6660-F1BE-4595-B543-DE14D7A085CE}: [DhcpNameServer] 109.205.75.22
Tcpip\..\Interfaces\{6F01AEF7-0D77-47A4-B029-C65780083693}: [DhcpNameServer] 178.17.0.11 178.17.0.12
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.117,1]
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930854286339096&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 0AD95A27AF13D04D9447BD9B2E2B0761 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 28F55112567F11A7DBADE182EB0E2AFF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 6561DF71FFA8F9C488FEF0C602C8F88A URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 8B2130DBC0AEAA85CBFB5E9FEC1C1479 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
FireFox:
========
FF ProfilePath: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 [2019-02-06]
FF Homepage: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxp://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF Extension: (IBM Security Rapport) - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2019-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\m\AppData\Local\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Prezentace) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-23]
CHR Extension: (Dokumenty) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Disk Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (IBM Security Rapport) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-09-30]
CHR Extension: (Seznam doplněk - Email) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-12-21]
CHR Extension: (YouTube) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Vyhledávání Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-01]
CHR Extension: (Avast Online Security) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-01]
CHR Extension: (Gmail) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-01]
CHR HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 InCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG -> Nero AG)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401040 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 NeroRegInCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG -> Nero AG)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5264888 2018-12-26] (IBM -> IBM Corp.)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics CO., LTD. -> Samsung Electronics)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [507392 2015-06-27] (Microsoft Windows Hardware Compatibility Publisher -> ITETech )
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3538432 2012-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Microsoft Windows -> Emulex)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14741632 2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [168984 2009-10-16] (Nero AG -> Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [60952 2009-10-16] (Nero AG -> Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [22040 2009-10-16] (Nero AG -> Nero AG)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-01-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MEDIATEK INC. -> MediaTek Inc.)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [501256 2018-12-26] (IBM -> IBM Corp.)
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [725192 2018-12-26] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [461768 2018-12-26] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [604752 2018-09-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [758168 2018-12-26] (IBM -> IBM Corp.)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [167936 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> ATEN)
S3 SoundcraftUSBAudio; C:\Windows\System32\DRIVERS\SoundcraftUSBAudio_x64.sys [269312 2015-09-03] (Harman Music Group Inc. -> )
S3 SoundcraftUSBAudioks; C:\Windows\System32\DRIVERS\SoundcraftUSBAudioks_x64.sys [50688 2015-09-03] (Harman Music Group Inc. -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 14:58 - 2019-02-06 14:58 - 000033197 _____ C:\Users\m\Desktop\FRST.txt
2019-02-06 14:25 - 2019-02-06 14:39 - 000066115 _____ C:\Users\m\Desktop\Addition.txt
2019-02-06 13:16 - 2019-02-06 13:17 - 000000413 _____ C:\Users\m\Downloads\Search.txt
2019-02-06 13:15 - 2019-02-06 13:15 - 002433024 _____ (Farbar) C:\Users\m\Desktop\FRST64(2).exe
2019-02-06 11:35 - 2019-02-06 11:35 - 002433024 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
2019-02-06 11:09 - 2019-02-06 11:09 - 007316688 _____ (Malwarebytes) C:\Users\m\Downloads\adwcleaner_7.2.7.0.exe
2019-02-06 10:52 - 2019-02-06 10:52 - 001222144 _____ C:\Users\m\Downloads\RSITx64(1).exe
2019-02-06 10:30 - 2019-02-06 10:31 - 000491363 _____ C:\Users\m\Downloads\fwpoptvka.zip
2019-02-06 10:16 - 2019-02-06 10:16 - 000322056 _____ (Mozilla) C:\Users\m\Downloads\Firefox Installer.exe
2019-02-06 10:14 - 2019-02-06 10:15 - 000712678 _____ C:\Users\m\Desktop\Záložky 2019.html
2019-02-05 18:04 - 2019-02-05 18:04 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG)(1).xls
2019-02-05 18:02 - 2019-02-05 18:02 - 000252681 _____ C:\Users\m\Downloads\prilohy_54516.zip
2019-02-05 17:54 - 2019-02-05 17:54 - 001080486 _____ C:\Users\m\Downloads\Spigot truss and stage (CRYSTAL).pdf
2019-02-05 12:38 - 2019-02-05 12:39 - 000000000 ____D C:\Users\m\Desktop\chris rea
2019-02-05 12:33 - 2019-02-05 12:34 - 164698825 _____ C:\Users\m\Downloads\Chris Rea_mp3.rar
2019-02-04 18:39 - 2019-02-04 18:53 - 616799430 _____ C:\Users\m\Downloads\Amatérské rádio PE 2018.rar
2019-02-04 18:39 - 2019-02-04 18:50 - 421465641 _____ C:\Users\m\Downloads\Amatérské rádio 2017.rar
2019-02-02 17:06 - 2019-02-02 17:43 - 2070805738 _____ C:\Users\m\Desktop\Bohemian Rhapsody CZ TITULKY 2018 NOVINKA Queen Freddie Mercury Rami Malek Lucy Boynton Rapsody Rapsodi české titulky RODINNÝ RODINNÁ DRAMA DRÁMA HUDEBNÍ HUDOBNÝ ŽIVOTOPISNÍ ŽIVOTOPISNÝ.avi
2019-02-02 15:15 - 2019-02-02 15:28 - 992362682 _____ C:\Users\m\Desktop\Po cem muzi touzi 2018 CZ.avi
2019-01-31 17:40 - 2019-01-31 17:40 - 001221276 _____ C:\Users\m\Downloads\Odprodej_nepotřebného_majetku-KRPZ-100730-28_ČJ-2018-1500AO-služební_dopravní_prostředky.pdf
2019-01-30 09:33 - 2019-01-30 09:33 - 000544605 _____ C:\Users\m\Desktop\Kovohutě.pdf
2019-01-30 09:21 - 2019-01-30 09:21 - 000418903 _____ C:\Users\m\Downloads\Kh, Přijatá objednávka - Kupní smlouva CZ.pdf
2019-01-29 11:04 - 2019-01-29 11:04 - 003868748 _____ C:\Users\m\Downloads\SiCompact_v3_3_Build6(2).zip
2019-01-29 10:27 - 2019-01-29 10:33 - 176181196 _____ C:\Users\m\Downloads\uiupdate-k-3.0.7865-ui24v2.zip
2019-01-29 08:49 - 2019-01-29 08:50 - 000111881 _____ C:\Users\m\Downloads\priloha_643661555_0_Inventura OSVČ.pdf
2019-01-29 08:49 - 2019-01-29 08:49 - 000163315 _____ C:\Users\m\Downloads\zprava_643661555_prijata.zfo
2019-01-28 09:33 - 2019-01-28 09:33 - 000001111 _____ C:\Users\m\Desktop\Hrdina silnicní 2018.xml
2019-01-28 09:08 - 2019-01-28 09:08 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iPod
2019-01-28 09:07 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iTunes
2019-01-28 08:59 - 2019-01-28 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-25 09:01 - 2019-01-25 09:01 - 000000523 _____ C:\Users\m\Desktop\kara.JPEG.lnk
2019-01-25 09:00 - 2019-01-25 09:02 - 000093301 _____ C:\Users\m\Desktop\kara.JPEG
2019-01-24 15:36 - 2019-01-24 15:36 - 000620343 _____ C:\Users\m\Desktop\FAM TRIP KOLUMBIE 2016.pdf
2019-01-24 15:20 - 2019-01-24 15:20 - 000282385 _____ C:\Users\m\Desktop\faktura zes.pdf
2019-01-24 15:19 - 2019-01-24 15:18 - 000245152 _____ C:\Users\m\Desktop\faktura Litvínov.pdf
2019-01-24 15:17 - 2019-01-24 15:17 - 000432444 _____ C:\Users\m\Desktop\faktura Neubert.pdf
2019-01-24 15:16 - 2019-01-24 15:15 - 000437734 _____ C:\Users\m\Desktop\faktura Roudnice.pdf
2019-01-24 09:29 - 2019-01-24 09:29 - 000006209 _____ C:\Users\m\Desktop\J. Hrdina KH 4.Q 18.xml
2019-01-21 23:40 - 2019-01-22 09:21 - 000642705 _____ C:\Users\m\Downloads\Součet Fidlovačka Listopad + Prosinec 2.pages
2019-01-21 10:55 - 2019-01-21 10:55 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 10:34 - 2019-01-21 10:38 - 269393736 _____ (Apple Inc.) C:\Users\m\Downloads\iTunes64Setup(3).exe
2019-01-21 08:29 - 2019-01-21 08:29 - 000203448 _____ C:\Users\m\Downloads\new power supply .pdf
2019-01-21 08:24 - 2019-01-21 08:24 - 000314319 _____ C:\Users\m\Downloads\Thomann_Retoure_2044149.pdf
2019-01-21 08:18 - 2019-01-21 08:18 - 000171345 _____ C:\Users\m\Downloads\D 4CH POWER SUPPLY .pdf
2019-01-18 09:56 - 2019-01-18 09:56 - 000138952 _____ C:\Users\m\Downloads\Pay confirmation (2).pdf
2019-01-18 09:55 - 2019-01-18 09:55 - 000138952 _____ C:\Users\m\Desktop\Pay confirmation (2).pdf
2019-01-18 09:53 - 2019-01-18 09:53 - 000197630 _____ C:\Users\m\Downloads\Jaromir-Hrdina-A-Z-servis117-HQLITE.pdf
2019-01-18 09:52 - 2019-01-18 09:52 - 000138952 _____ C:\Users\m\Downloads\DokladProvedeni_566591.pdf
2019-01-18 08:48 - 2019-01-18 08:48 - 000010279 _____ C:\Users\m\Downloads\原始-小杨-捷克-恒生-201890118-Proforma invoice sent to Mirek(Jaromir Hrdina) from Czech.pdf
2019-01-18 08:19 - 2019-01-18 08:19 - 000000000 ____D C:\Users\m\AppData\LocalLow\Oracle
2019-01-17 14:22 - 2019-01-17 14:22 - 000213666 _____ C:\Users\m\Downloads\551184364.pdf
2019-01-17 14:21 - 2019-01-17 14:21 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs(1).pdf
2019-01-17 14:14 - 2019-01-17 14:14 - 000051662 _____ C:\Users\m\Downloads\2018_12_27_39541033.pdf
2019-01-17 13:49 - 2019-01-17 13:49 - 003998157 _____ C:\Users\m\Downloads\prilohy_171933.zip
2019-01-17 13:44 - 2019-01-17 13:44 - 000592128 _____ C:\Users\m\Downloads\Potvrzení pro daňový odpočet(1).pdf
2019-01-17 11:16 - 2019-01-17 11:16 - 000278016 _____ C:\Users\m\Desktop\PI-hrdinaj 0726-czech republiky-HQLITE.xls
2019-01-17 09:25 - 2019-01-17 09:23 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-17 09:25 - 2019-01-17 09:23 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28923484.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28913398.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168608 _____ C:\Users\m\Downloads\25924057.pdf
2019-01-15 11:59 - 2019-01-18 08:53 - 004194054 _____ C:\Users\m\Downloads\Hqlite-quote1901-6.8.pdf
2019-01-14 09:20 - 2019-01-14 09:20 - 000066312 _____ C:\Users\m\Downloads\77748121_1_1132_20190111.pdf
2019-01-14 09:16 - 2019-01-14 09:15 - 001307015 _____ C:\Users\m\Desktop\Faktura Strakonice2.pdf
2019-01-13 22:14 - 2019-01-13 22:13 - 001322130 _____ C:\Users\m\Desktop\faktury Strakonice.pdf
2019-01-12 16:37 - 2019-01-12 16:37 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG).xls
2019-01-10 11:10 - 2019-01-10 11:10 - 000046195 _____ C:\Users\m\Downloads\Zálohová faktura 14180003(1).pdf
2019-01-10 10:57 - 2019-01-10 10:58 - 000095916 _____ C:\Users\m\Downloads\3801021872.pdf
2019-01-10 10:53 - 2019-01-10 10:53 - 000253855 _____ C:\Users\m\Downloads\PI 19-01107S.pdf
2019-01-10 10:47 - 2019-01-10 10:47 - 000118136 _____ C:\Users\m\Downloads\Tipa - faktura II. - 128 aktualni(1).pdf
2019-01-10 10:41 - 2019-01-10 10:41 - 000206182 _____ C:\Users\m\Downloads\Faktura vydaná_FV18113908.pdf
2019-01-10 09:52 - 2019-01-10 09:52 - 000087920 _____ C:\Users\m\Downloads\Daňový doklad o přijetí platby 15180002(2).pdf
2019-01-10 09:24 - 2019-01-10 09:24 - 000085045 _____ C:\Users\m\Downloads\77748121_20181228_20190109.pdf
2019-01-10 05:00 - 2019-01-10 05:00 - 000000000 ___HD C:\$AV_ASW
2019-01-09 10:28 - 2019-01-09 10:28 - 000001820 _____ C:\Users\Public\Desktop\SFM 4 B2 Mouse Driver.lnk
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFM 4 B2 Mouse
2019-01-09 09:50 - 2019-01-09 09:50 - 000015700 _____ C:\Users\m\Downloads\Subject(2).PDF
2019-01-09 09:49 - 2019-01-09 09:49 - 000015700 _____ C:\Users\m\Downloads\Subject(1).PDF
2019-01-09 09:47 - 2019-01-09 09:47 - 000115589 _____ C:\Users\m\Downloads\CLRI409260430128_5011305896954518927.pdf
2019-01-09 08:50 - 2019-01-09 08:50 - 000368128 _____ C:\Users\m\Downloads\faktura Weinas 12-2018(1).xls
2019-01-09 08:48 - 2019-01-09 08:49 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610(1).pdf
2019-01-08 23:43 - 2019-01-08 23:43 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(3).xls
2019-01-08 23:31 - 2019-01-08 23:31 - 000027136 _____ C:\Users\m\Downloads\faktura gisen 12.18.xls
2019-01-08 22:42 - 2019-01-08 22:42 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(2).xls
2019-01-08 22:37 - 2019-01-08 22:37 - 000078741 _____ C:\Users\m\Downloads\544(1).tiff
2019-01-08 21:43 - 2019-01-08 21:43 - 000075003 _____ C:\Users\m\Downloads\77748121_20181210_20190107.pdf
2019-01-08 21:10 - 2019-01-08 21:10 - 000646960 _____ C:\Users\m\Downloads\prilohy_166409.zip
2019-01-08 20:38 - 2019-01-08 20:38 - 000138251 _____ C:\Users\m\Downloads\DokladProvedeni_535832.pdf
2019-01-08 17:09 - 2019-01-08 17:09 - 000056265 _____ C:\Users\m\Downloads\055b0e6d-3e1a-4ee7-b041-d6260b570480.pdf
2019-01-08 09:13 - 2019-01-08 09:14 - 000015660 _____ C:\Users\m\Downloads\Subject.PDF
2019-01-07 11:39 - 2019-01-07 11:39 - 000075676 _____ C:\Users\m\Downloads\CLRI724965744740_021531841283040.pdf
2019-01-07 11:38 - 2019-01-07 11:38 - 000100491 _____ C:\Users\m\Downloads\JSD.pdf
2019-01-07 11:37 - 2019-01-07 11:37 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610.pdf
2019-01-07 11:36 - 2019-01-07 11:36 - 000033578 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1812.pdf
2019-01-07 11:34 - 2019-01-07 11:34 - 000033553 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1811.pdf
2019-01-07 11:33 - 2019-01-07 11:33 - 000033565 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1810(1).pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000068754 _____ C:\Users\m\Downloads\2019-01-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000062674 _____ C:\Users\m\Downloads\2019-01-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:39 - 2019-01-07 10:39 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:38 - 2019-01-07 10:39 - 000062868 _____ C:\Users\m\Downloads\2018-12-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000069389 _____ C:\Users\m\Downloads\2018-11-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000062553 _____ C:\Users\m\Downloads\2018-11-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:35 - 2019-01-07 10:35 - 000037224 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326304.pdf
2019-01-07 10:34 - 2019-01-07 10:35 - 000039879 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326301.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 14:57 - 2015-09-14 12:41 - 000000000 ____D C:\FRST
2019-02-06 14:24 - 2011-04-12 09:34 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-02-06 14:24 - 2011-04-12 09:34 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-02-06 14:24 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 14:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-06 14:23 - 2014-11-07 21:09 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-06 14:23 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-06 14:23 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-06 14:21 - 2017-01-31 22:23 - 000000000 ____D C:\Users\m\AppData\Local\Free Download Manager
2019-02-06 14:21 - 2016-12-02 17:52 - 000000000 ____D C:\Users\m\AppData\LocalLow\Mozilla
2019-02-06 14:20 - 2017-11-12 18:47 - 000000000 ___RD C:\Users\m\iCloudDrive
2019-02-06 14:18 - 2018-11-25 20:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-06 14:17 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-06 14:13 - 2016-10-28 09:53 - 000000000 ____D C:\Users\m\AppData\LocalLow\Temp
2019-02-06 12:54 - 2015-03-26 09:00 - 000000000 ____D C:\Users\m\Documents\bordel plocha
2019-02-06 11:38 - 2016-10-02 08:57 - 000056908 _____ C:\Users\m\Downloads\FRST.txt
2019-02-06 11:38 - 2015-09-14 12:42 - 000068343 _____ C:\Users\m\Downloads\Addition.txt
2019-02-06 11:29 - 2015-12-15 18:37 - 000000000 ____D C:\Program Files\trend micro
2019-02-06 11:17 - 2017-05-06 09:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 11:17 - 2014-11-07 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 11:12 - 2015-12-15 20:40 - 000000000 ____D C:\AdwCleaner
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\Roaming\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\LocalLow\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\ProgramData\IObit
2019-02-06 10:21 - 2014-11-07 20:43 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 10:20 - 2015-05-13 19:01 - 000000000 ____D C:\Users\m\AppData\Local\CrashDumps
2019-02-06 10:19 - 2014-11-07 20:43 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-06 10:19 - 2014-11-07 20:43 - 000001147 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-02-06 10:03 - 2017-05-15 19:53 - 006980216 _____ (ESET spol. s r.o.) C:\Users\m\Downloads\esetonlinescanner_csy.exe
2019-02-05 17:57 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-02-05 13:46 - 2014-11-07 21:06 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 08:31 - 2017-03-03 08:11 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-04 18:44 - 2017-08-30 12:45 - 000000000 ____D C:\Windows\AutoKMS
2019-02-04 18:43 - 2016-07-07 18:52 - 000151552 _____ C:\Windows\KMSEmulator.exe
2019-02-04 12:44 - 2018-03-17 10:47 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-04 12:44 - 2018-03-07 10:17 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-04 12:44 - 2017-11-12 18:46 - 000003404 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2019-02-04 12:44 - 2017-05-15 13:58 - 000003380 _____ C:\Windows\System32\Tasks\WinZip Update Notifier
2019-02-04 12:44 - 2015-12-15 11:34 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-04 12:44 - 2015-12-15 11:33 - 000003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415390993
2019-02-04 12:44 - 2015-12-03 18:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-04 12:44 - 2015-06-24 10:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-04 12:44 - 2015-05-28 12:27 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-04 12:44 - 2015-05-10 22:25 - 000003282 _____ C:\Windows\System32\Tasks\SoftwareInformerService
2019-02-04 12:44 - 2014-11-07 21:06 - 000002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-04 12:44 - 2014-11-05 07:39 - 000003520 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2019-02-04 10:33 - 2018-08-31 08:28 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-04 10:33 - 2018-08-31 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-30 09:33 - 2016-02-09 18:55 - 000000000 ____D C:\Users\m\scany
2019-01-29 21:14 - 2014-11-04 21:23 - 000000000 ____D C:\Users\UpdatusUser
2019-01-21 11:03 - 2017-11-12 18:47 - 000000000 ____D C:\Users\m\AppData\Local\C55D15D0-4E46-4797-82FF-7B3F63036861.aplzod
2019-01-21 11:02 - 2014-11-11 11:45 - 000000000 ____D C:\Users\m\AppData\Local\Apple Computer
2019-01-21 10:55 - 2016-10-02 18:09 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-17 09:24 - 2017-11-21 08:38 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-17 09:24 - 2017-10-17 11:13 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-17 09:23 - 2018-10-23 08:08 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-17 09:23 - 2016-10-02 18:09 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 15:06 - 2018-04-23 20:56 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-15 09:37 - 2018-04-23 20:54 - 000000000 ____D C:\Users\m\AppData\Local\AVAST Software
2019-01-13 20:00 - 2015-01-04 19:47 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-01-11 09:19 - 2017-10-04 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-01-10 05:00 - 2018-12-23 19:37 - 000000000 ____D C:\Program Files (x86)\iTV
2019-01-09 12:30 - 2014-11-07 20:49 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 12:30 - 2014-11-07 20:49 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 23:36 - 2018-12-29 09:26 - 000016075 _____ C:\Users\m\Downloads\20181229 -Proforma invoice sent to Mirek from Czech.pdf
2019-01-08 23:29 - 2018-12-05 13:31 - 000027136 _____ C:\Users\m\Downloads\PROFORMA INVOICE to Mirek CZ-M-12052018.xls
2019-01-08 21:20 - 2018-07-02 13:15 - 000001312 _____ C:\Users\m\Desktop\Gisen 07.2018.xls.lnk
==================== Files in the root of some directories =======
2015-10-21 19:28 - 2015-08-27 15:48 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-11-25 16:08 - 2019-02-06 13:02 - 000262123 _____ () C:\Users\m\AppData\Roaming\Error.log
2016-02-07 19:34 - 2016-02-07 19:34 - 000000017 _____ () C:\Users\m\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-02-03 17:28
==================== End of FRST.txt ============================
Ran by m (administrator) on M-PC (06-02-2019 14:58:33)
Running from C:\Users\m\Desktop
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Farbar) C:\Users\m\Desktop\FRST64(2).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-19] (WinZip)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [dvd43] => C:\Program Files (x86)\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM-x32\...\Run: [SFM 4 B2 Mouse Driver] => C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe [614400 2018-05-14] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10431176 2017-01-20] (Softdeluxe Ltd. -> FreeDownloadManager.org)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2017-05-17]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2016-09-17]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
Startup: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-07-25]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{464C6660-F1BE-4595-B543-DE14D7A085CE}: [DhcpNameServer] 109.205.75.22
Tcpip\..\Interfaces\{6F01AEF7-0D77-47A4-B029-C65780083693}: [DhcpNameServer] 178.17.0.11 178.17.0.12
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.117,1]
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930854286339096&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 0AD95A27AF13D04D9447BD9B2E2B0761 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 28F55112567F11A7DBADE182EB0E2AFF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 6561DF71FFA8F9C488FEF0C602C8F88A URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 8B2130DBC0AEAA85CBFB5E9FEC1C1479 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
FireFox:
========
FF ProfilePath: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 [2019-02-06]
FF Homepage: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxp://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF Extension: (IBM Security Rapport) - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2019-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\m\AppData\Local\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Prezentace) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-23]
CHR Extension: (Dokumenty) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Disk Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (IBM Security Rapport) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-09-30]
CHR Extension: (Seznam doplněk - Email) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-12-21]
CHR Extension: (YouTube) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Vyhledávání Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-01]
CHR Extension: (Avast Online Security) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-01]
CHR Extension: (Gmail) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-01]
CHR HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 InCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG -> Nero AG)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401040 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 NeroRegInCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG -> Nero AG)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5264888 2018-12-26] (IBM -> IBM Corp.)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics CO., LTD. -> Samsung Electronics)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [507392 2015-06-27] (Microsoft Windows Hardware Compatibility Publisher -> ITETech )
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3538432 2012-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Microsoft Windows -> Emulex)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14741632 2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [168984 2009-10-16] (Nero AG -> Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [60952 2009-10-16] (Nero AG -> Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [22040 2009-10-16] (Nero AG -> Nero AG)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-01-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MEDIATEK INC. -> MediaTek Inc.)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [501256 2018-12-26] (IBM -> IBM Corp.)
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [725192 2018-12-26] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [461768 2018-12-26] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [604752 2018-09-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [758168 2018-12-26] (IBM -> IBM Corp.)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [167936 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> ATEN)
S3 SoundcraftUSBAudio; C:\Windows\System32\DRIVERS\SoundcraftUSBAudio_x64.sys [269312 2015-09-03] (Harman Music Group Inc. -> )
S3 SoundcraftUSBAudioks; C:\Windows\System32\DRIVERS\SoundcraftUSBAudioks_x64.sys [50688 2015-09-03] (Harman Music Group Inc. -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 14:58 - 2019-02-06 14:58 - 000033197 _____ C:\Users\m\Desktop\FRST.txt
2019-02-06 14:25 - 2019-02-06 14:39 - 000066115 _____ C:\Users\m\Desktop\Addition.txt
2019-02-06 13:16 - 2019-02-06 13:17 - 000000413 _____ C:\Users\m\Downloads\Search.txt
2019-02-06 13:15 - 2019-02-06 13:15 - 002433024 _____ (Farbar) C:\Users\m\Desktop\FRST64(2).exe
2019-02-06 11:35 - 2019-02-06 11:35 - 002433024 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
2019-02-06 11:09 - 2019-02-06 11:09 - 007316688 _____ (Malwarebytes) C:\Users\m\Downloads\adwcleaner_7.2.7.0.exe
2019-02-06 10:52 - 2019-02-06 10:52 - 001222144 _____ C:\Users\m\Downloads\RSITx64(1).exe
2019-02-06 10:30 - 2019-02-06 10:31 - 000491363 _____ C:\Users\m\Downloads\fwpoptvka.zip
2019-02-06 10:16 - 2019-02-06 10:16 - 000322056 _____ (Mozilla) C:\Users\m\Downloads\Firefox Installer.exe
2019-02-06 10:14 - 2019-02-06 10:15 - 000712678 _____ C:\Users\m\Desktop\Záložky 2019.html
2019-02-05 18:04 - 2019-02-05 18:04 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG)(1).xls
2019-02-05 18:02 - 2019-02-05 18:02 - 000252681 _____ C:\Users\m\Downloads\prilohy_54516.zip
2019-02-05 17:54 - 2019-02-05 17:54 - 001080486 _____ C:\Users\m\Downloads\Spigot truss and stage (CRYSTAL).pdf
2019-02-05 12:38 - 2019-02-05 12:39 - 000000000 ____D C:\Users\m\Desktop\chris rea
2019-02-05 12:33 - 2019-02-05 12:34 - 164698825 _____ C:\Users\m\Downloads\Chris Rea_mp3.rar
2019-02-04 18:39 - 2019-02-04 18:53 - 616799430 _____ C:\Users\m\Downloads\Amatérské rádio PE 2018.rar
2019-02-04 18:39 - 2019-02-04 18:50 - 421465641 _____ C:\Users\m\Downloads\Amatérské rádio 2017.rar
2019-02-02 17:06 - 2019-02-02 17:43 - 2070805738 _____ C:\Users\m\Desktop\Bohemian Rhapsody CZ TITULKY 2018 NOVINKA Queen Freddie Mercury Rami Malek Lucy Boynton Rapsody Rapsodi české titulky RODINNÝ RODINNÁ DRAMA DRÁMA HUDEBNÍ HUDOBNÝ ŽIVOTOPISNÍ ŽIVOTOPISNÝ.avi
2019-02-02 15:15 - 2019-02-02 15:28 - 992362682 _____ C:\Users\m\Desktop\Po cem muzi touzi 2018 CZ.avi
2019-01-31 17:40 - 2019-01-31 17:40 - 001221276 _____ C:\Users\m\Downloads\Odprodej_nepotřebného_majetku-KRPZ-100730-28_ČJ-2018-1500AO-služební_dopravní_prostředky.pdf
2019-01-30 09:33 - 2019-01-30 09:33 - 000544605 _____ C:\Users\m\Desktop\Kovohutě.pdf
2019-01-30 09:21 - 2019-01-30 09:21 - 000418903 _____ C:\Users\m\Downloads\Kh, Přijatá objednávka - Kupní smlouva CZ.pdf
2019-01-29 11:04 - 2019-01-29 11:04 - 003868748 _____ C:\Users\m\Downloads\SiCompact_v3_3_Build6(2).zip
2019-01-29 10:27 - 2019-01-29 10:33 - 176181196 _____ C:\Users\m\Downloads\uiupdate-k-3.0.7865-ui24v2.zip
2019-01-29 08:49 - 2019-01-29 08:50 - 000111881 _____ C:\Users\m\Downloads\priloha_643661555_0_Inventura OSVČ.pdf
2019-01-29 08:49 - 2019-01-29 08:49 - 000163315 _____ C:\Users\m\Downloads\zprava_643661555_prijata.zfo
2019-01-28 09:33 - 2019-01-28 09:33 - 000001111 _____ C:\Users\m\Desktop\Hrdina silnicní 2018.xml
2019-01-28 09:08 - 2019-01-28 09:08 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iPod
2019-01-28 09:07 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iTunes
2019-01-28 08:59 - 2019-01-28 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-25 09:01 - 2019-01-25 09:01 - 000000523 _____ C:\Users\m\Desktop\kara.JPEG.lnk
2019-01-25 09:00 - 2019-01-25 09:02 - 000093301 _____ C:\Users\m\Desktop\kara.JPEG
2019-01-24 15:36 - 2019-01-24 15:36 - 000620343 _____ C:\Users\m\Desktop\FAM TRIP KOLUMBIE 2016.pdf
2019-01-24 15:20 - 2019-01-24 15:20 - 000282385 _____ C:\Users\m\Desktop\faktura zes.pdf
2019-01-24 15:19 - 2019-01-24 15:18 - 000245152 _____ C:\Users\m\Desktop\faktura Litvínov.pdf
2019-01-24 15:17 - 2019-01-24 15:17 - 000432444 _____ C:\Users\m\Desktop\faktura Neubert.pdf
2019-01-24 15:16 - 2019-01-24 15:15 - 000437734 _____ C:\Users\m\Desktop\faktura Roudnice.pdf
2019-01-24 09:29 - 2019-01-24 09:29 - 000006209 _____ C:\Users\m\Desktop\J. Hrdina KH 4.Q 18.xml
2019-01-21 23:40 - 2019-01-22 09:21 - 000642705 _____ C:\Users\m\Downloads\Součet Fidlovačka Listopad + Prosinec 2.pages
2019-01-21 10:55 - 2019-01-21 10:55 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 10:34 - 2019-01-21 10:38 - 269393736 _____ (Apple Inc.) C:\Users\m\Downloads\iTunes64Setup(3).exe
2019-01-21 08:29 - 2019-01-21 08:29 - 000203448 _____ C:\Users\m\Downloads\new power supply .pdf
2019-01-21 08:24 - 2019-01-21 08:24 - 000314319 _____ C:\Users\m\Downloads\Thomann_Retoure_2044149.pdf
2019-01-21 08:18 - 2019-01-21 08:18 - 000171345 _____ C:\Users\m\Downloads\D 4CH POWER SUPPLY .pdf
2019-01-18 09:56 - 2019-01-18 09:56 - 000138952 _____ C:\Users\m\Downloads\Pay confirmation (2).pdf
2019-01-18 09:55 - 2019-01-18 09:55 - 000138952 _____ C:\Users\m\Desktop\Pay confirmation (2).pdf
2019-01-18 09:53 - 2019-01-18 09:53 - 000197630 _____ C:\Users\m\Downloads\Jaromir-Hrdina-A-Z-servis117-HQLITE.pdf
2019-01-18 09:52 - 2019-01-18 09:52 - 000138952 _____ C:\Users\m\Downloads\DokladProvedeni_566591.pdf
2019-01-18 08:48 - 2019-01-18 08:48 - 000010279 _____ C:\Users\m\Downloads\原始-小杨-捷克-恒生-201890118-Proforma invoice sent to Mirek(Jaromir Hrdina) from Czech.pdf
2019-01-18 08:19 - 2019-01-18 08:19 - 000000000 ____D C:\Users\m\AppData\LocalLow\Oracle
2019-01-17 14:22 - 2019-01-17 14:22 - 000213666 _____ C:\Users\m\Downloads\551184364.pdf
2019-01-17 14:21 - 2019-01-17 14:21 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs(1).pdf
2019-01-17 14:14 - 2019-01-17 14:14 - 000051662 _____ C:\Users\m\Downloads\2018_12_27_39541033.pdf
2019-01-17 13:49 - 2019-01-17 13:49 - 003998157 _____ C:\Users\m\Downloads\prilohy_171933.zip
2019-01-17 13:44 - 2019-01-17 13:44 - 000592128 _____ C:\Users\m\Downloads\Potvrzení pro daňový odpočet(1).pdf
2019-01-17 11:16 - 2019-01-17 11:16 - 000278016 _____ C:\Users\m\Desktop\PI-hrdinaj 0726-czech republiky-HQLITE.xls
2019-01-17 09:25 - 2019-01-17 09:23 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-17 09:25 - 2019-01-17 09:23 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28923484.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28913398.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168608 _____ C:\Users\m\Downloads\25924057.pdf
2019-01-15 11:59 - 2019-01-18 08:53 - 004194054 _____ C:\Users\m\Downloads\Hqlite-quote1901-6.8.pdf
2019-01-14 09:20 - 2019-01-14 09:20 - 000066312 _____ C:\Users\m\Downloads\77748121_1_1132_20190111.pdf
2019-01-14 09:16 - 2019-01-14 09:15 - 001307015 _____ C:\Users\m\Desktop\Faktura Strakonice2.pdf
2019-01-13 22:14 - 2019-01-13 22:13 - 001322130 _____ C:\Users\m\Desktop\faktury Strakonice.pdf
2019-01-12 16:37 - 2019-01-12 16:37 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG).xls
2019-01-10 11:10 - 2019-01-10 11:10 - 000046195 _____ C:\Users\m\Downloads\Zálohová faktura 14180003(1).pdf
2019-01-10 10:57 - 2019-01-10 10:58 - 000095916 _____ C:\Users\m\Downloads\3801021872.pdf
2019-01-10 10:53 - 2019-01-10 10:53 - 000253855 _____ C:\Users\m\Downloads\PI 19-01107S.pdf
2019-01-10 10:47 - 2019-01-10 10:47 - 000118136 _____ C:\Users\m\Downloads\Tipa - faktura II. - 128 aktualni(1).pdf
2019-01-10 10:41 - 2019-01-10 10:41 - 000206182 _____ C:\Users\m\Downloads\Faktura vydaná_FV18113908.pdf
2019-01-10 09:52 - 2019-01-10 09:52 - 000087920 _____ C:\Users\m\Downloads\Daňový doklad o přijetí platby 15180002(2).pdf
2019-01-10 09:24 - 2019-01-10 09:24 - 000085045 _____ C:\Users\m\Downloads\77748121_20181228_20190109.pdf
2019-01-10 05:00 - 2019-01-10 05:00 - 000000000 ___HD C:\$AV_ASW
2019-01-09 10:28 - 2019-01-09 10:28 - 000001820 _____ C:\Users\Public\Desktop\SFM 4 B2 Mouse Driver.lnk
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFM 4 B2 Mouse
2019-01-09 09:50 - 2019-01-09 09:50 - 000015700 _____ C:\Users\m\Downloads\Subject(2).PDF
2019-01-09 09:49 - 2019-01-09 09:49 - 000015700 _____ C:\Users\m\Downloads\Subject(1).PDF
2019-01-09 09:47 - 2019-01-09 09:47 - 000115589 _____ C:\Users\m\Downloads\CLRI409260430128_5011305896954518927.pdf
2019-01-09 08:50 - 2019-01-09 08:50 - 000368128 _____ C:\Users\m\Downloads\faktura Weinas 12-2018(1).xls
2019-01-09 08:48 - 2019-01-09 08:49 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610(1).pdf
2019-01-08 23:43 - 2019-01-08 23:43 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(3).xls
2019-01-08 23:31 - 2019-01-08 23:31 - 000027136 _____ C:\Users\m\Downloads\faktura gisen 12.18.xls
2019-01-08 22:42 - 2019-01-08 22:42 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(2).xls
2019-01-08 22:37 - 2019-01-08 22:37 - 000078741 _____ C:\Users\m\Downloads\544(1).tiff
2019-01-08 21:43 - 2019-01-08 21:43 - 000075003 _____ C:\Users\m\Downloads\77748121_20181210_20190107.pdf
2019-01-08 21:10 - 2019-01-08 21:10 - 000646960 _____ C:\Users\m\Downloads\prilohy_166409.zip
2019-01-08 20:38 - 2019-01-08 20:38 - 000138251 _____ C:\Users\m\Downloads\DokladProvedeni_535832.pdf
2019-01-08 17:09 - 2019-01-08 17:09 - 000056265 _____ C:\Users\m\Downloads\055b0e6d-3e1a-4ee7-b041-d6260b570480.pdf
2019-01-08 09:13 - 2019-01-08 09:14 - 000015660 _____ C:\Users\m\Downloads\Subject.PDF
2019-01-07 11:39 - 2019-01-07 11:39 - 000075676 _____ C:\Users\m\Downloads\CLRI724965744740_021531841283040.pdf
2019-01-07 11:38 - 2019-01-07 11:38 - 000100491 _____ C:\Users\m\Downloads\JSD.pdf
2019-01-07 11:37 - 2019-01-07 11:37 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610.pdf
2019-01-07 11:36 - 2019-01-07 11:36 - 000033578 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1812.pdf
2019-01-07 11:34 - 2019-01-07 11:34 - 000033553 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1811.pdf
2019-01-07 11:33 - 2019-01-07 11:33 - 000033565 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1810(1).pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000068754 _____ C:\Users\m\Downloads\2019-01-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000062674 _____ C:\Users\m\Downloads\2019-01-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:39 - 2019-01-07 10:39 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:38 - 2019-01-07 10:39 - 000062868 _____ C:\Users\m\Downloads\2018-12-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000069389 _____ C:\Users\m\Downloads\2018-11-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000062553 _____ C:\Users\m\Downloads\2018-11-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:35 - 2019-01-07 10:35 - 000037224 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326304.pdf
2019-01-07 10:34 - 2019-01-07 10:35 - 000039879 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326301.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 14:57 - 2015-09-14 12:41 - 000000000 ____D C:\FRST
2019-02-06 14:24 - 2011-04-12 09:34 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-02-06 14:24 - 2011-04-12 09:34 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-02-06 14:24 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 14:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-06 14:23 - 2014-11-07 21:09 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-06 14:23 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-06 14:23 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-06 14:21 - 2017-01-31 22:23 - 000000000 ____D C:\Users\m\AppData\Local\Free Download Manager
2019-02-06 14:21 - 2016-12-02 17:52 - 000000000 ____D C:\Users\m\AppData\LocalLow\Mozilla
2019-02-06 14:20 - 2017-11-12 18:47 - 000000000 ___RD C:\Users\m\iCloudDrive
2019-02-06 14:18 - 2018-11-25 20:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-06 14:17 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-06 14:13 - 2016-10-28 09:53 - 000000000 ____D C:\Users\m\AppData\LocalLow\Temp
2019-02-06 12:54 - 2015-03-26 09:00 - 000000000 ____D C:\Users\m\Documents\bordel plocha
2019-02-06 11:38 - 2016-10-02 08:57 - 000056908 _____ C:\Users\m\Downloads\FRST.txt
2019-02-06 11:38 - 2015-09-14 12:42 - 000068343 _____ C:\Users\m\Downloads\Addition.txt
2019-02-06 11:29 - 2015-12-15 18:37 - 000000000 ____D C:\Program Files\trend micro
2019-02-06 11:17 - 2017-05-06 09:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 11:17 - 2014-11-07 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 11:12 - 2015-12-15 20:40 - 000000000 ____D C:\AdwCleaner
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\Roaming\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\LocalLow\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\ProgramData\IObit
2019-02-06 10:21 - 2014-11-07 20:43 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 10:20 - 2015-05-13 19:01 - 000000000 ____D C:\Users\m\AppData\Local\CrashDumps
2019-02-06 10:19 - 2014-11-07 20:43 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-06 10:19 - 2014-11-07 20:43 - 000001147 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-02-06 10:03 - 2017-05-15 19:53 - 006980216 _____ (ESET spol. s r.o.) C:\Users\m\Downloads\esetonlinescanner_csy.exe
2019-02-05 17:57 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-02-05 13:46 - 2014-11-07 21:06 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 08:31 - 2017-03-03 08:11 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-04 18:44 - 2017-08-30 12:45 - 000000000 ____D C:\Windows\AutoKMS
2019-02-04 18:43 - 2016-07-07 18:52 - 000151552 _____ C:\Windows\KMSEmulator.exe
2019-02-04 12:44 - 2018-03-17 10:47 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-04 12:44 - 2018-03-07 10:17 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-04 12:44 - 2017-11-12 18:46 - 000003404 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2019-02-04 12:44 - 2017-05-15 13:58 - 000003380 _____ C:\Windows\System32\Tasks\WinZip Update Notifier
2019-02-04 12:44 - 2015-12-15 11:34 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-04 12:44 - 2015-12-15 11:33 - 000003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415390993
2019-02-04 12:44 - 2015-12-03 18:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-04 12:44 - 2015-06-24 10:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-04 12:44 - 2015-05-28 12:27 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-04 12:44 - 2015-05-10 22:25 - 000003282 _____ C:\Windows\System32\Tasks\SoftwareInformerService
2019-02-04 12:44 - 2014-11-07 21:06 - 000002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-04 12:44 - 2014-11-05 07:39 - 000003520 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2019-02-04 10:33 - 2018-08-31 08:28 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-04 10:33 - 2018-08-31 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-30 09:33 - 2016-02-09 18:55 - 000000000 ____D C:\Users\m\scany
2019-01-29 21:14 - 2014-11-04 21:23 - 000000000 ____D C:\Users\UpdatusUser
2019-01-21 11:03 - 2017-11-12 18:47 - 000000000 ____D C:\Users\m\AppData\Local\C55D15D0-4E46-4797-82FF-7B3F63036861.aplzod
2019-01-21 11:02 - 2014-11-11 11:45 - 000000000 ____D C:\Users\m\AppData\Local\Apple Computer
2019-01-21 10:55 - 2016-10-02 18:09 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-17 09:24 - 2017-11-21 08:38 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-17 09:24 - 2017-10-17 11:13 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-17 09:23 - 2018-10-23 08:08 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-17 09:23 - 2016-10-02 18:09 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 15:06 - 2018-04-23 20:56 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-15 09:37 - 2018-04-23 20:54 - 000000000 ____D C:\Users\m\AppData\Local\AVAST Software
2019-01-13 20:00 - 2015-01-04 19:47 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-01-11 09:19 - 2017-10-04 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-01-10 05:00 - 2018-12-23 19:37 - 000000000 ____D C:\Program Files (x86)\iTV
2019-01-09 12:30 - 2014-11-07 20:49 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 12:30 - 2014-11-07 20:49 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 23:36 - 2018-12-29 09:26 - 000016075 _____ C:\Users\m\Downloads\20181229 -Proforma invoice sent to Mirek from Czech.pdf
2019-01-08 23:29 - 2018-12-05 13:31 - 000027136 _____ C:\Users\m\Downloads\PROFORMA INVOICE to Mirek CZ-M-12052018.xls
2019-01-08 21:20 - 2018-07-02 13:15 - 000001312 _____ C:\Users\m\Desktop\Gisen 07.2018.xls.lnk
==================== Files in the root of some directories =======
2015-10-21 19:28 - 2015-08-27 15:48 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-11-25 16:08 - 2019-02-06 13:02 - 000262123 _____ () C:\Users\m\AppData\Roaming\Error.log
2016-02-07 19:34 - 2016-02-07 19:34 - 000000017 _____ () C:\Users\m\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-02-03 17:28
==================== End of FRST.txt ============================
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Chodte do nudzoveho rezimu.
Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Do poznamkoveho bloku skopirujte obsah dole:
Kód: Vybrat vše
CloseProcesses:
C:\windows\kmsemulator.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Basic Properties
MD5
1e687394129b3c579ddfb64c270c5a83
SHA-1
7ccb6ab124b71a6601c24c1f94a92760917beca2
Authentihash
7cab52769db42c46dcda9033ff61d5b37110b74ffdf8b9af110b785d4ae6b902
Imphash
eca39b746a653804c49484d6f6a9521d
File Type
Win32 EXE
Magic
PE32+ executable for MS Windows (native) Mono/.Net assembly
SSDeep
3072:BkGDNPAB8lXKIRNxGydEdqyheDgnUBK9wAYyp5SZDwN5qCJZr:GGdrIIRNxdi9
TRiD
OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
File Size
164 KB
MD5
1e687394129b3c579ddfb64c270c5a83
SHA-1
7ccb6ab124b71a6601c24c1f94a92760917beca2
Authentihash
7cab52769db42c46dcda9033ff61d5b37110b74ffdf8b9af110b785d4ae6b902
Imphash
eca39b746a653804c49484d6f6a9521d
File Type
Win32 EXE
Magic
PE32+ executable for MS Windows (native) Mono/.Net assembly
SSDeep
3072:BkGDNPAB8lXKIRNxGydEdqyheDgnUBK9wAYyp5SZDwN5qCJZr:GGdrIIRNxdi9
TRiD
OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
File Size
164 KB
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by m (06-02-2019 15:41:13)
Running from C:\Users\m\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVD43 v4.6.0 (HKLM-x32\...\DVD43_is1) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HOLMImpulse (HKLM\...\{97D1B7D2-4428-4B1A-B676-1C4AC877EC5B}) (Version: 01.04.0200 - HOLM Acoustics)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IPCameraSearchTool version 1.0.0.2 (HKLM-x32\...\{4EABBC6B-B00B-41E1-AA7E-88925CDA6BDE}_is1) (Version: 1.0.0.2 - NEO)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
iTV - televizní program 1.7.756 (HKLM-x32\...\iTV - televizní program_is1) (Version: - Milan Vyšata)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KiCad 4.0.5 (HKLM-x32\...\KiCad) (Version: 4.0.5 - KiCad)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM\...\{AAFA253A-08A9-46A8-AB30-B4C26E578424}) (Version: 2.6 - Lexicon) Hidden
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MP3 Speed Changer 3.01 (HKLM-x32\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.30 - NVIDIA Corporation) Hidden
P2P BLOW PC (HKLM-x32\...\{40EF2025-5FDE-4033-AE73-942CBBC2BAFE}) (Version: 3.0.2.6 - hi)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - Canon Inc.)
Room EQ Wizard 5.16 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.16 - John Mulcahy)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SFM 4 B2 Mouse Driver (HKLM-x32\...\{865865F2-6748-4710-99DC-5248204D8FD4}_is1) (Version: 1.0 - )
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.082 - Aten International Co., Ltd.)
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version: - )
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.40 - NCH Software)
web control version 3.0.4.0 (HKLM-x32\...\{3D8D219C-0362-457F-B847-2FC07C2BE520}_is1) (Version: 3.0.4.0 - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.5371 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version: - )
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2: [InCDShellExt] -> {09bffb91-ecda-4149-bcfd-d87a345c219e} => C:\Program Files\Nero\Tools\InCD\InCDshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers2-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C51C327-9E18-481E-8194-45FC00B1F650} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C996BD2-9C49-4A0F-B792-4E50A1F8D30A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {15819AD5-E153-4F8D-AB3F-D043A95E8890} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {5BC44BC8-277D-4534-A828-EC6BA64EE5B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {92C2D418-D10A-4430-B362-208E4FEC92E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A8C24962-0FF0-45FD-8362-252A11C00111} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B00FE2D2-28D4-4E0C-B79F-386DE6BC8099} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => c:\program files (x86)\opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C057EADB-886A-4CF5-978A-CC5D496CED3D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {CC4A4CC9-B09D-4644-9389-E6F4DC92729E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {E36B06F1-CC42-4603-99EB-2613FA943AF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2019-01-15] (Apple Inc. -> Apple Inc.)
Task: {F1752DA7-A09C-40AC-AE21-55E19174BA32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2014-11-04 21:23 - 2013-02-20 20:24 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-06 08:53 - 2019-02-06 08:53 - 006953616 _____ () C:\Program Files\AVAST Software\Avast\defs\19020506\algo64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2015-11-25 13:20 - 2011-04-11 06:26 - 000034304 _____ () C:\Windows\System32\spd__l.dll
2012-02-28 09:07 - 2012-02-28 09:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-04-11 03:17 - 2017-04-11 03:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-01-04 19:54 - 2013-05-14 10:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2019-01-09 10:28 - 2018-05-14 17:58 - 000614400 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
2014-10-23 20:19 - 2018-09-10 15:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-05-17 17:36 - 2014-08-06 03:37 - 001203856 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2019-01-09 10:28 - 2018-06-15 09:11 - 000057344 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\lan.dll
2019-01-09 10:28 - 2018-05-05 17:26 - 000040960 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\KBHook.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-02-06 10:52 - 000000053 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\VDownloader
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [TCP Query User{4CB14BCD-F281-40DB-8244-27252D716E16}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [UDP Query User{BFEB0B56-1E32-4ABA-AFD9-C4F9DE4DAAC5}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{9763EE5A-4224-4C22-8580-019A896BD084}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{482391F7-5765-4453-A227-E962EAA3775E}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{E9CB7E75-A617-4692-A21A-EEB3D262C24E}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{979B30FB-1233-4A70-B73E-4D06E4267750}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{FF7F1723-77C8-4EAD-8F57-D5AC57A5B862}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{C90EE39F-A3A7-45A2-8BCB-AE5DDCE6EC43}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{DB8965D5-20DE-4C07-8B5E-CBDAAC621692}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.)
FirewallRules: [TCP Query User{C462EB39-23FE-453F-93E4-EE1F68AFF93B}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{9C96CCC4-DA6F-4B64-A52E-C237FF178C63}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{8758BCD8-75E3-4363-A89A-497F572C0A70}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{B1C0C7DC-5BB5-4966-9116-01E16198D1A0}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [{5C51827B-E6BE-46A9-9178-81B3F4C585CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0DBC307-3A18-4667-930E-962FE47E6B43}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CFD45019-6B43-416F-A72B-53BD0257AE48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C3F7E535-E896-4554-AD9A-32B4D49D5BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA08D84A-C7AE-4A3D-85A6-6E9A2555341D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F738F4B4-DD69-4F32-9FE6-83A00DC14AF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F2FDE267-D526-4B44-AAFD-9C4BC8DE7BD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{365C2984-9886-4DCE-84E8-DD0C25052502}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{4B0C1C79-A5E7-4C91-83DA-F90EF6B5DFF6}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F037DB64-4874-4CD8-BCD9-DE01D6532CF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{AF1C28C7-07F0-4635-A10A-F591363C6605}] => (Allow) c:\program files (x86)\opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C732C861-AA83-4321-87F3-376FBE461D61}] => (Allow) c:\program files (x86)\opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AB646575-766D-43DB-8D9F-6E84602A80F3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67B189C0-45C8-46F8-8C08-E17BA5471F2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A6746D53-8E30-4A4B-9708-94961D52283F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{B7F5A355-6827-4160-8C60-FAC4C100C774}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E09FC95-4BBB-40CD-8CD0-DF2640BBB68E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{821B8B2D-DF90-49BB-BA29-F741FE5CA62A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-12-2018 10:22:03 Naplánovaný kontrolní bod
04-01-2019 20:55:27 Naplánovaný kontrolní bod
11-01-2019 09:16:28 Installed Rapport
21-01-2019 09:34:10 Naplánovaný kontrolní bod
28-01-2019 10:59:27 Naplánovaný kontrolní bod
05-02-2019 09:24:41 Naplánovaný kontrolní bod
06-02-2019 13:30:12 Restore Point Created by FRST
06-02-2019 14:07:05 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2019 03:31:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 03:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 02:59:56 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2019 02:18:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 02:07:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {2cc58155-6a4a-4827-87ca-1a7f6e2d07e8}
Error: (02/06/2019 02:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 01:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2019 01:37:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (02/06/2019 03:32:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/06/2019 03:31:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/06/2019 03:31:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo časového limitu (30000 ms).
Error: (02/06/2019 03:31:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Windows Defender:
===================================
Date: 2015-11-27 02:55:34.420
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1036,ProcessStart:130930626677479684;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:
Date: 2015-11-25 16:19:33.708
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1800,ProcessStart:130929380506725339;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:
Date: 2015-11-24 09:34:35.982
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;process:pid:1988,ProcessStart:130918761752753436
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-08-21 08:10:44.237
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll;file:C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll;file:C:\Program Files (x86)\MiuiTab\BrowserAction.dll;file:C:\Program Files (x86)\MiuiTab\conf;file:C:\Program Files (x86)\MiuiTab\defsearchp@gmail.com!1.0.0.1039.xpi;file:C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi;file:C:\Program Files (x86)\MiuiTab\IeWatchDog.dll;file:C:\Program Files (x86)\MiuiTab\install.data;file:C:\Program Files (x86)\MiuiTab\msvcp110.dll;file:C:\Program Files (x86)\MiuiTab\msvcr110.dll;file:C:\Program Files (x86)\MiuiTab\searchProvider.xml;file:C:\Program Files (x86)\MiuiTab\skin\about.png;file:C:\Program Files (x86)\MiuiTab\skin\about_bk.png;file:C:\Program Files (x86)\MiuiTab\skin\btn.png;file:C:\Program Files (x86)\MiuiTab\skin\btn_apply.png;file:C:\Program Files (x86)\MiuiTab\skin\close.png;file:C:\Program Files (x86)\MiuiTab\skin\conf.xml;file:C:\Program Files (x86)\MiuiTab\skin\conf_back.png;file:C:\Program Files (x86)\MiuiTab\skin\input_bk.png;file:C:\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-08-21 08:04:21.468
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\nWinManPron\ProtectWindowsManager.exe;process:pid:1436,ProcessStart:130845279859304763
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-04-22 12:57:49.182
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-12-27 18:27:08.665
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-27 18:27:08.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-27 18:26:22.818
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.506
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-21 20:32:02.312
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-21 20:32:02.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 49%
Total physical RAM: 8010.36 MB
Available physical RAM: 4006.34 MB
Total Virtual: 16018.88 MB
Available Virtual: 11865.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:261.75 GB) NTFS
\\?\Volume{de627543-639c-11e4-b131-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by m (06-02-2019 15:41:13)
Running from C:\Users\m\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVD43 v4.6.0 (HKLM-x32\...\DVD43_is1) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HOLMImpulse (HKLM\...\{97D1B7D2-4428-4B1A-B676-1C4AC877EC5B}) (Version: 01.04.0200 - HOLM Acoustics)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IPCameraSearchTool version 1.0.0.2 (HKLM-x32\...\{4EABBC6B-B00B-41E1-AA7E-88925CDA6BDE}_is1) (Version: 1.0.0.2 - NEO)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
iTV - televizní program 1.7.756 (HKLM-x32\...\iTV - televizní program_is1) (Version: - Milan Vyšata)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KiCad 4.0.5 (HKLM-x32\...\KiCad) (Version: 4.0.5 - KiCad)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM\...\{AAFA253A-08A9-46A8-AB30-B4C26E578424}) (Version: 2.6 - Lexicon) Hidden
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MP3 Speed Changer 3.01 (HKLM-x32\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.243 - Trusteer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.30 - NVIDIA Corporation) Hidden
P2P BLOW PC (HKLM-x32\...\{40EF2025-5FDE-4033-AE73-942CBBC2BAFE}) (Version: 3.0.2.6 - hi)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - Canon Inc.)
Room EQ Wizard 5.16 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.16 - John Mulcahy)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SFM 4 B2 Mouse Driver (HKLM-x32\...\{865865F2-6748-4710-99DC-5248204D8FD4}_is1) (Version: 1.0 - )
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.082 - Aten International Co., Ltd.)
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version: - )
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.40 - NCH Software)
web control version 3.0.4.0 (HKLM-x32\...\{3D8D219C-0362-457F-B847-2FC07C2BE520}_is1) (Version: 3.0.4.0 - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.5371 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version: - )
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2: [InCDShellExt] -> {09bffb91-ecda-4149-bcfd-d87a345c219e} => C:\Program Files\Nero\Tools\InCD\InCDshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers2-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG -> Nero AG)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-19] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-437069544-115546471-2938306295-1000: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2017-10-21] (Bandisoft -> Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C51C327-9E18-481E-8194-45FC00B1F650} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C996BD2-9C49-4A0F-B792-4E50A1F8D30A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {15819AD5-E153-4F8D-AB3F-D043A95E8890} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {5BC44BC8-277D-4534-A828-EC6BA64EE5B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {92C2D418-D10A-4430-B362-208E4FEC92E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A8C24962-0FF0-45FD-8362-252A11C00111} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B00FE2D2-28D4-4E0C-B79F-386DE6BC8099} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => c:\program files (x86)\opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C057EADB-886A-4CF5-978A-CC5D496CED3D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {CC4A4CC9-B09D-4644-9389-E6F4DC92729E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {E36B06F1-CC42-4603-99EB-2613FA943AF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2019-01-15] (Apple Inc. -> Apple Inc.)
Task: {F1752DA7-A09C-40AC-AE21-55E19174BA32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2014-11-04 21:23 - 2013-02-20 20:24 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-06 08:53 - 2019-02-06 08:53 - 006953616 _____ () C:\Program Files\AVAST Software\Avast\defs\19020506\algo64.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-17 09:23 - 2019-01-17 09:23 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2015-11-25 13:20 - 2011-04-11 06:26 - 000034304 _____ () C:\Windows\System32\spd__l.dll
2012-02-28 09:07 - 2012-02-28 09:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-17 09:24 - 2019-01-17 09:24 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-04-11 03:17 - 2017-04-11 03:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-01-04 19:54 - 2013-05-14 10:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2019-01-09 10:28 - 2018-05-14 17:58 - 000614400 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
2014-10-23 20:19 - 2018-09-10 15:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:28 - 2019-01-15 01:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-05-17 17:36 - 2014-08-06 03:37 - 001203856 _____ () C:\Program Files (x86)\MediatekWiFi\Common\RaWLAPI.dll
2019-01-09 10:28 - 2018-06-15 09:11 - 000057344 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\lan.dll
2019-01-09 10:28 - 2018-05-05 17:26 - 000040960 _____ () C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\KBHook.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-02-06 10:52 - 000000053 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\VDownloader
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos)
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time)
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Samsung Electronics Co., Ltd.)
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [TCP Query User{4CB14BCD-F281-40DB-8244-27252D716E16}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [UDP Query User{BFEB0B56-1E32-4ABA-AFD9-C4F9DE4DAAC5}C:\program files (x86)\ipcamerasearchtool\searchtool.exe] => (Allow) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{9763EE5A-4224-4C22-8580-019A896BD084}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{482391F7-5765-4453-A227-E962EAA3775E}] => (Block) C:\program files (x86)\ipcamerasearchtool\searchtool.exe ()
FirewallRules: [{E9CB7E75-A617-4692-A21A-EEB3D262C24E}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{979B30FB-1233-4A70-B73E-4D06E4267750}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Softdeluxe Ltd. -> FreeDownloadManager.org)
FirewallRules: [{FF7F1723-77C8-4EAD-8F57-D5AC57A5B862}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{C90EE39F-A3A7-45A2-8BCB-AE5DDCE6EC43}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink)
FirewallRules: [{DB8965D5-20DE-4C07-8B5E-CBDAAC621692}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.)
FirewallRules: [TCP Query User{C462EB39-23FE-453F-93E4-EE1F68AFF93B}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{9C96CCC4-DA6F-4B64-A52E-C237FF178C63}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{8758BCD8-75E3-4363-A89A-497F572C0A70}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{B1C0C7DC-5BB5-4966-9116-01E16198D1A0}C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\solarpower1.07\jre\bin\javaw.exe (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FirewallRules: [{5C51827B-E6BE-46A9-9178-81B3F4C585CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0DBC307-3A18-4667-930E-962FE47E6B43}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CFD45019-6B43-416F-A72B-53BD0257AE48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C3F7E535-E896-4554-AD9A-32B4D49D5BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA08D84A-C7AE-4A3D-85A6-6E9A2555341D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F738F4B4-DD69-4F32-9FE6-83A00DC14AF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F2FDE267-D526-4B44-AAFD-9C4BC8DE7BD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{365C2984-9886-4DCE-84E8-DD0C25052502}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{4B0C1C79-A5E7-4C91-83DA-F90EF6B5DFF6}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F037DB64-4874-4CD8-BCD9-DE01D6532CF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{AF1C28C7-07F0-4635-A10A-F591363C6605}] => (Allow) c:\program files (x86)\opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C732C861-AA83-4321-87F3-376FBE461D61}] => (Allow) c:\program files (x86)\opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AB646575-766D-43DB-8D9F-6E84602A80F3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67B189C0-45C8-46F8-8C08-E17BA5471F2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A6746D53-8E30-4A4B-9708-94961D52283F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{B7F5A355-6827-4160-8C60-FAC4C100C774}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E09FC95-4BBB-40CD-8CD0-DF2640BBB68E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{821B8B2D-DF90-49BB-BA29-F741FE5CA62A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-12-2018 10:22:03 Naplánovaný kontrolní bod
04-01-2019 20:55:27 Naplánovaný kontrolní bod
11-01-2019 09:16:28 Installed Rapport
21-01-2019 09:34:10 Naplánovaný kontrolní bod
28-01-2019 10:59:27 Naplánovaný kontrolní bod
05-02-2019 09:24:41 Naplánovaný kontrolní bod
06-02-2019 13:30:12 Restore Point Created by FRST
06-02-2019 14:07:05 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2019 03:31:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 03:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 02:59:56 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2019 02:18:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 02:07:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {2cc58155-6a4a-4827-87ca-1a7f6e2d07e8}
Error: (02/06/2019 02:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2019 01:59:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2019 01:37:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (02/06/2019 03:32:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/06/2019 03:31:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/06/2019 03:31:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo časového limitu (30000 ms).
Error: (02/06/2019 03:31:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/06/2019 03:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Windows Defender:
===================================
Date: 2015-11-27 02:55:34.420
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1036,ProcessStart:130930626677479684;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:
Date: 2015-11-25 16:19:33.708
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;folder:C:\Users\m\AppData\Roaming\istartsurf\;process:pid:1800,ProcessStart:130929380506725339;service:WdsManPro
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:
Date: 2015-11-24 09:34:35.982
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\eWMiniProe\WMiniPro.exe;process:pid:1988,ProcessStart:130918761752753436
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-08-21 08:10:44.237
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll;file:C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll;file:C:\Program Files (x86)\MiuiTab\BrowserAction.dll;file:C:\Program Files (x86)\MiuiTab\conf;file:C:\Program Files (x86)\MiuiTab\defsearchp@gmail.com!1.0.0.1039.xpi;file:C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi;file:C:\Program Files (x86)\MiuiTab\IeWatchDog.dll;file:C:\Program Files (x86)\MiuiTab\install.data;file:C:\Program Files (x86)\MiuiTab\msvcp110.dll;file:C:\Program Files (x86)\MiuiTab\msvcr110.dll;file:C:\Program Files (x86)\MiuiTab\searchProvider.xml;file:C:\Program Files (x86)\MiuiTab\skin\about.png;file:C:\Program Files (x86)\MiuiTab\skin\about_bk.png;file:C:\Program Files (x86)\MiuiTab\skin\btn.png;file:C:\Program Files (x86)\MiuiTab\skin\btn_apply.png;file:C:\Program Files (x86)\MiuiTab\skin\close.png;file:C:\Program Files (x86)\MiuiTab\skin\conf.xml;file:C:\Program Files (x86)\MiuiTab\skin\conf_back.png;file:C:\Program Files (x86)\MiuiTab\skin\input_bk.png;file:C:\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-08-21 08:04:21.468
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
ID:214126
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\nWinManPron\ProtectWindowsManager.exe;process:pid:1436,ProcessStart:130845279859304763
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe
Date: 2015-04-22 12:57:49.182
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-12-27 18:27:08.665
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-27 18:27:08.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-27 18:26:22.818
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.506
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-24 10:45:08.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-21 20:32:02.312
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-10-21 20:32:02.247
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 49%
Total physical RAM: 8010.36 MB
Available physical RAM: 4006.34 MB
Total Virtual: 16018.88 MB
Available Virtual: 11865.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:261.75 GB) NTFS
\\?\Volume{de627543-639c-11e4-b131-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Nedavajte sem logy uz mam v tom chaos. robte co vam poviem a logy sem davajte naraz, nie pojednom.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
tak ještě druhý Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 4.02.2019
Ran by m (administrator) on M-PC (06-02-2019 15:39:28)
Running from C:\Users\m\Desktop
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\m\Desktop\FRST64(2).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-19] (WinZip)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [dvd43] => C:\Program Files (x86)\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM-x32\...\Run: [SFM 4 B2 Mouse Driver] => C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe [614400 2018-05-14] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10431176 2017-01-20] (Softdeluxe Ltd. -> FreeDownloadManager.org)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2017-05-17]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2016-09-17]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
Startup: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-07-25]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{464C6660-F1BE-4595-B543-DE14D7A085CE}: [DhcpNameServer] 109.205.75.22
Tcpip\..\Interfaces\{6F01AEF7-0D77-47A4-B029-C65780083693}: [DhcpNameServer] 178.17.0.11 178.17.0.12
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.117,1]
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930854286339096&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 0AD95A27AF13D04D9447BD9B2E2B0761 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 28F55112567F11A7DBADE182EB0E2AFF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 6561DF71FFA8F9C488FEF0C602C8F88A URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 8B2130DBC0AEAA85CBFB5E9FEC1C1479 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
FireFox:
========
FF ProfilePath: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 [2019-02-06]
FF Homepage: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxp://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF Extension: (IBM Security Rapport) - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2019-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\m\AppData\Local\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Prezentace) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-23]
CHR Extension: (Dokumenty) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Disk Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (IBM Security Rapport) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-09-30]
CHR Extension: (Seznam doplněk - Email) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-12-21]
CHR Extension: (YouTube) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Vyhledávání Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-01]
CHR Extension: (Avast Online Security) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-01]
CHR Extension: (Gmail) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-01]
CHR HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 InCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG -> Nero AG)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401040 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 NeroRegInCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG -> Nero AG)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5264888 2018-12-26] (IBM -> IBM Corp.)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics CO., LTD. -> Samsung Electronics)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [507392 2015-06-27] (Microsoft Windows Hardware Compatibility Publisher -> ITETech )
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3538432 2012-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Microsoft Windows -> Emulex)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14741632 2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [168984 2009-10-16] (Nero AG -> Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [60952 2009-10-16] (Nero AG -> Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [22040 2009-10-16] (Nero AG -> Nero AG)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-01-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MEDIATEK INC. -> MediaTek Inc.)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [501256 2018-12-26] (IBM -> IBM Corp.)
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [725192 2018-12-26] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [461768 2018-12-26] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [604752 2018-09-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [758168 2018-12-26] (IBM -> IBM Corp.)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [167936 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> ATEN)
S3 SoundcraftUSBAudio; C:\Windows\System32\DRIVERS\SoundcraftUSBAudio_x64.sys [269312 2015-09-03] (Harman Music Group Inc. -> )
S3 SoundcraftUSBAudioks; C:\Windows\System32\DRIVERS\SoundcraftUSBAudioks_x64.sys [50688 2015-09-03] (Harman Music Group Inc. -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 15:25 - 2019-02-06 15:26 - 000105044 _____ C:\Windows\ntbtlog.txt
2019-02-06 15:24 - 2019-02-06 15:24 - 000000000 ____D C:\Users\m\Desktop\nouzák
2019-02-06 14:58 - 2019-02-06 15:40 - 000032272 _____ C:\Users\m\Desktop\FRST.txt
2019-02-06 14:25 - 2019-02-06 14:59 - 000066348 _____ C:\Users\m\Desktop\Addition.txt
2019-02-06 13:16 - 2019-02-06 13:17 - 000000413 _____ C:\Users\m\Downloads\Search.txt
2019-02-06 13:15 - 2019-02-06 13:15 - 002433024 _____ (Farbar) C:\Users\m\Desktop\FRST64(2).exe
2019-02-06 11:35 - 2019-02-06 11:35 - 002433024 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
2019-02-06 11:09 - 2019-02-06 11:09 - 007316688 _____ (Malwarebytes) C:\Users\m\Downloads\adwcleaner_7.2.7.0.exe
2019-02-06 10:52 - 2019-02-06 10:52 - 001222144 _____ C:\Users\m\Downloads\RSITx64(1).exe
2019-02-06 10:30 - 2019-02-06 10:31 - 000491363 _____ C:\Users\m\Downloads\fwpoptvka.zip
2019-02-06 10:16 - 2019-02-06 10:16 - 000322056 _____ (Mozilla) C:\Users\m\Downloads\Firefox Installer.exe
2019-02-06 10:14 - 2019-02-06 10:15 - 000712678 _____ C:\Users\m\Desktop\Záložky 2019.html
2019-02-05 18:04 - 2019-02-05 18:04 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG)(1).xls
2019-02-05 18:02 - 2019-02-05 18:02 - 000252681 _____ C:\Users\m\Downloads\prilohy_54516.zip
2019-02-05 17:54 - 2019-02-05 17:54 - 001080486 _____ C:\Users\m\Downloads\Spigot truss and stage (CRYSTAL).pdf
2019-02-05 12:38 - 2019-02-05 12:39 - 000000000 ____D C:\Users\m\Desktop\chris rea
2019-02-05 12:33 - 2019-02-05 12:34 - 164698825 _____ C:\Users\m\Downloads\Chris Rea_mp3.rar
2019-02-04 18:39 - 2019-02-04 18:53 - 616799430 _____ C:\Users\m\Downloads\Amatérské rádio PE 2018.rar
2019-02-04 18:39 - 2019-02-04 18:50 - 421465641 _____ C:\Users\m\Downloads\Amatérské rádio 2017.rar
2019-02-02 17:06 - 2019-02-02 17:43 - 2070805738 _____ C:\Users\m\Desktop\Bohemian Rhapsody CZ TITULKY 2018 NOVINKA Queen Freddie Mercury Rami Malek Lucy Boynton Rapsody Rapsodi české titulky RODINNÝ RODINNÁ DRAMA DRÁMA HUDEBNÍ HUDOBNÝ ŽIVOTOPISNÍ ŽIVOTOPISNÝ.avi
2019-02-02 15:15 - 2019-02-02 15:28 - 992362682 _____ C:\Users\m\Desktop\Po cem muzi touzi 2018 CZ.avi
2019-01-31 17:40 - 2019-01-31 17:40 - 001221276 _____ C:\Users\m\Downloads\Odprodej_nepotřebného_majetku-KRPZ-100730-28_ČJ-2018-1500AO-služební_dopravní_prostředky.pdf
2019-01-30 09:33 - 2019-01-30 09:33 - 000544605 _____ C:\Users\m\Desktop\Kovohutě.pdf
2019-01-30 09:21 - 2019-01-30 09:21 - 000418903 _____ C:\Users\m\Downloads\Kh, Přijatá objednávka - Kupní smlouva CZ.pdf
2019-01-29 11:04 - 2019-01-29 11:04 - 003868748 _____ C:\Users\m\Downloads\SiCompact_v3_3_Build6(2).zip
2019-01-29 10:27 - 2019-01-29 10:33 - 176181196 _____ C:\Users\m\Downloads\uiupdate-k-3.0.7865-ui24v2.zip
2019-01-29 08:49 - 2019-01-29 08:50 - 000111881 _____ C:\Users\m\Downloads\priloha_643661555_0_Inventura OSVČ.pdf
2019-01-29 08:49 - 2019-01-29 08:49 - 000163315 _____ C:\Users\m\Downloads\zprava_643661555_prijata.zfo
2019-01-28 09:33 - 2019-01-28 09:33 - 000001111 _____ C:\Users\m\Desktop\Hrdina silnicní 2018.xml
2019-01-28 09:08 - 2019-01-28 09:08 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iPod
2019-01-28 09:07 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iTunes
2019-01-28 08:59 - 2019-01-28 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-25 09:01 - 2019-01-25 09:01 - 000000523 _____ C:\Users\m\Desktop\kara.JPEG.lnk
2019-01-25 09:00 - 2019-01-25 09:02 - 000093301 _____ C:\Users\m\Desktop\kara.JPEG
2019-01-24 15:36 - 2019-01-24 15:36 - 000620343 _____ C:\Users\m\Desktop\FAM TRIP KOLUMBIE 2016.pdf
2019-01-24 15:20 - 2019-01-24 15:20 - 000282385 _____ C:\Users\m\Desktop\faktura zes.pdf
2019-01-24 15:19 - 2019-01-24 15:18 - 000245152 _____ C:\Users\m\Desktop\faktura Litvínov.pdf
2019-01-24 15:17 - 2019-01-24 15:17 - 000432444 _____ C:\Users\m\Desktop\faktura Neubert.pdf
2019-01-24 15:16 - 2019-01-24 15:15 - 000437734 _____ C:\Users\m\Desktop\faktura Roudnice.pdf
2019-01-24 09:29 - 2019-01-24 09:29 - 000006209 _____ C:\Users\m\Desktop\J. Hrdina KH 4.Q 18.xml
2019-01-21 23:40 - 2019-01-22 09:21 - 000642705 _____ C:\Users\m\Downloads\Součet Fidlovačka Listopad + Prosinec 2.pages
2019-01-21 10:55 - 2019-01-21 10:55 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 10:34 - 2019-01-21 10:38 - 269393736 _____ (Apple Inc.) C:\Users\m\Downloads\iTunes64Setup(3).exe
2019-01-21 08:29 - 2019-01-21 08:29 - 000203448 _____ C:\Users\m\Downloads\new power supply .pdf
2019-01-21 08:24 - 2019-01-21 08:24 - 000314319 _____ C:\Users\m\Downloads\Thomann_Retoure_2044149.pdf
2019-01-21 08:18 - 2019-01-21 08:18 - 000171345 _____ C:\Users\m\Downloads\D 4CH POWER SUPPLY .pdf
2019-01-18 09:56 - 2019-01-18 09:56 - 000138952 _____ C:\Users\m\Downloads\Pay confirmation (2).pdf
2019-01-18 09:55 - 2019-01-18 09:55 - 000138952 _____ C:\Users\m\Desktop\Pay confirmation (2).pdf
2019-01-18 09:53 - 2019-01-18 09:53 - 000197630 _____ C:\Users\m\Downloads\Jaromir-Hrdina-A-Z-servis117-HQLITE.pdf
2019-01-18 09:52 - 2019-01-18 09:52 - 000138952 _____ C:\Users\m\Downloads\DokladProvedeni_566591.pdf
2019-01-18 08:48 - 2019-01-18 08:48 - 000010279 _____ C:\Users\m\Downloads\原始-小杨-捷克-恒生-201890118-Proforma invoice sent to Mirek(Jaromir Hrdina) from Czech.pdf
2019-01-18 08:19 - 2019-01-18 08:19 - 000000000 ____D C:\Users\m\AppData\LocalLow\Oracle
2019-01-17 14:22 - 2019-01-17 14:22 - 000213666 _____ C:\Users\m\Downloads\551184364.pdf
2019-01-17 14:21 - 2019-01-17 14:21 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs(1).pdf
2019-01-17 14:14 - 2019-01-17 14:14 - 000051662 _____ C:\Users\m\Downloads\2018_12_27_39541033.pdf
2019-01-17 13:49 - 2019-01-17 13:49 - 003998157 _____ C:\Users\m\Downloads\prilohy_171933.zip
2019-01-17 13:44 - 2019-01-17 13:44 - 000592128 _____ C:\Users\m\Downloads\Potvrzení pro daňový odpočet(1).pdf
2019-01-17 11:16 - 2019-01-17 11:16 - 000278016 _____ C:\Users\m\Desktop\PI-hrdinaj 0726-czech republiky-HQLITE.xls
2019-01-17 09:25 - 2019-01-17 09:23 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-17 09:25 - 2019-01-17 09:23 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28923484.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28913398.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168608 _____ C:\Users\m\Downloads\25924057.pdf
2019-01-15 11:59 - 2019-01-18 08:53 - 004194054 _____ C:\Users\m\Downloads\Hqlite-quote1901-6.8.pdf
2019-01-14 09:20 - 2019-01-14 09:20 - 000066312 _____ C:\Users\m\Downloads\77748121_1_1132_20190111.pdf
2019-01-14 09:16 - 2019-01-14 09:15 - 001307015 _____ C:\Users\m\Desktop\Faktura Strakonice2.pdf
2019-01-13 22:14 - 2019-01-13 22:13 - 001322130 _____ C:\Users\m\Desktop\faktury Strakonice.pdf
2019-01-12 16:37 - 2019-01-12 16:37 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG).xls
2019-01-10 11:10 - 2019-01-10 11:10 - 000046195 _____ C:\Users\m\Downloads\Zálohová faktura 14180003(1).pdf
2019-01-10 10:57 - 2019-01-10 10:58 - 000095916 _____ C:\Users\m\Downloads\3801021872.pdf
2019-01-10 10:53 - 2019-01-10 10:53 - 000253855 _____ C:\Users\m\Downloads\PI 19-01107S.pdf
2019-01-10 10:47 - 2019-01-10 10:47 - 000118136 _____ C:\Users\m\Downloads\Tipa - faktura II. - 128 aktualni(1).pdf
2019-01-10 10:41 - 2019-01-10 10:41 - 000206182 _____ C:\Users\m\Downloads\Faktura vydaná_FV18113908.pdf
2019-01-10 09:52 - 2019-01-10 09:52 - 000087920 _____ C:\Users\m\Downloads\Daňový doklad o přijetí platby 15180002(2).pdf
2019-01-10 09:24 - 2019-01-10 09:24 - 000085045 _____ C:\Users\m\Downloads\77748121_20181228_20190109.pdf
2019-01-10 05:00 - 2019-01-10 05:00 - 000000000 ___HD C:\$AV_ASW
2019-01-09 10:28 - 2019-01-09 10:28 - 000001820 _____ C:\Users\Public\Desktop\SFM 4 B2 Mouse Driver.lnk
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFM 4 B2 Mouse
2019-01-09 09:50 - 2019-01-09 09:50 - 000015700 _____ C:\Users\m\Downloads\Subject(2).PDF
2019-01-09 09:49 - 2019-01-09 09:49 - 000015700 _____ C:\Users\m\Downloads\Subject(1).PDF
2019-01-09 09:47 - 2019-01-09 09:47 - 000115589 _____ C:\Users\m\Downloads\CLRI409260430128_5011305896954518927.pdf
2019-01-09 08:50 - 2019-01-09 08:50 - 000368128 _____ C:\Users\m\Downloads\faktura Weinas 12-2018(1).xls
2019-01-09 08:48 - 2019-01-09 08:49 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610(1).pdf
2019-01-08 23:43 - 2019-01-08 23:43 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(3).xls
2019-01-08 23:31 - 2019-01-08 23:31 - 000027136 _____ C:\Users\m\Downloads\faktura gisen 12.18.xls
2019-01-08 22:42 - 2019-01-08 22:42 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(2).xls
2019-01-08 22:37 - 2019-01-08 22:37 - 000078741 _____ C:\Users\m\Downloads\544(1).tiff
2019-01-08 21:43 - 2019-01-08 21:43 - 000075003 _____ C:\Users\m\Downloads\77748121_20181210_20190107.pdf
2019-01-08 21:10 - 2019-01-08 21:10 - 000646960 _____ C:\Users\m\Downloads\prilohy_166409.zip
2019-01-08 20:38 - 2019-01-08 20:38 - 000138251 _____ C:\Users\m\Downloads\DokladProvedeni_535832.pdf
2019-01-08 17:09 - 2019-01-08 17:09 - 000056265 _____ C:\Users\m\Downloads\055b0e6d-3e1a-4ee7-b041-d6260b570480.pdf
2019-01-08 09:13 - 2019-01-08 09:14 - 000015660 _____ C:\Users\m\Downloads\Subject.PDF
2019-01-07 11:39 - 2019-01-07 11:39 - 000075676 _____ C:\Users\m\Downloads\CLRI724965744740_021531841283040.pdf
2019-01-07 11:38 - 2019-01-07 11:38 - 000100491 _____ C:\Users\m\Downloads\JSD.pdf
2019-01-07 11:37 - 2019-01-07 11:37 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610.pdf
2019-01-07 11:36 - 2019-01-07 11:36 - 000033578 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1812.pdf
2019-01-07 11:34 - 2019-01-07 11:34 - 000033553 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1811.pdf
2019-01-07 11:33 - 2019-01-07 11:33 - 000033565 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1810(1).pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000068754 _____ C:\Users\m\Downloads\2019-01-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000062674 _____ C:\Users\m\Downloads\2019-01-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:39 - 2019-01-07 10:39 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:38 - 2019-01-07 10:39 - 000062868 _____ C:\Users\m\Downloads\2018-12-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000069389 _____ C:\Users\m\Downloads\2018-11-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000062553 _____ C:\Users\m\Downloads\2018-11-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:35 - 2019-01-07 10:35 - 000037224 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326304.pdf
2019-01-07 10:34 - 2019-01-07 10:35 - 000039879 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326301.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 15:39 - 2015-09-14 12:41 - 000000000 ____D C:\FRST
2019-02-06 15:36 - 2014-11-07 21:09 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-06 15:36 - 2011-04-12 09:34 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-02-06 15:36 - 2011-04-12 09:34 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-02-06 15:36 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 15:36 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-06 15:36 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-06 15:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-06 15:34 - 2018-03-01 19:51 - 000000085 _____ C:\Windows\Wininit.ini
2019-02-06 15:34 - 2016-10-31 21:23 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-02-06 15:33 - 2016-12-02 17:52 - 000000000 ____D C:\Users\m\AppData\LocalLow\Mozilla
2019-02-06 15:33 - 2016-10-31 21:23 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-02-06 15:31 - 2018-11-25 20:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-06 15:31 - 2017-11-12 18:47 - 000000000 ___RD C:\Users\m\iCloudDrive
2019-02-06 15:31 - 2017-01-31 22:23 - 000000000 ____D C:\Users\m\AppData\Local\Free Download Manager
2019-02-06 15:30 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-06 14:13 - 2016-10-28 09:53 - 000000000 ____D C:\Users\m\AppData\LocalLow\Temp
2019-02-06 12:54 - 2015-03-26 09:00 - 000000000 ____D C:\Users\m\Documents\bordel plocha
2019-02-06 11:38 - 2016-10-02 08:57 - 000056908 _____ C:\Users\m\Downloads\FRST.txt
2019-02-06 11:38 - 2015-09-14 12:42 - 000068343 _____ C:\Users\m\Downloads\Addition.txt
2019-02-06 11:29 - 2015-12-15 18:37 - 000000000 ____D C:\Program Files\trend micro
2019-02-06 11:17 - 2017-05-06 09:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 11:17 - 2014-11-07 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 11:12 - 2015-12-15 20:40 - 000000000 ____D C:\AdwCleaner
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\Roaming\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\LocalLow\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\ProgramData\IObit
2019-02-06 10:21 - 2014-11-07 20:43 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 10:20 - 2015-05-13 19:01 - 000000000 ____D C:\Users\m\AppData\Local\CrashDumps
2019-02-06 10:19 - 2014-11-07 20:43 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-06 10:19 - 2014-11-07 20:43 - 000001147 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-02-06 10:03 - 2017-05-15 19:53 - 006980216 _____ (ESET spol. s r.o.) C:\Users\m\Downloads\esetonlinescanner_csy.exe
2019-02-05 17:57 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-02-05 13:46 - 2014-11-07 21:06 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 08:31 - 2017-03-03 08:11 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-04 18:44 - 2017-08-30 12:45 - 000000000 ____D C:\Windows\AutoKMS
2019-02-04 18:43 - 2016-07-07 18:52 - 000151552 _____ C:\Windows\KMSEmulator.exe
2019-02-04 12:44 - 2018-03-17 10:47 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-04 12:44 - 2018-03-07 10:17 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-04 12:44 - 2017-11-12 18:46 - 000003404 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2019-02-04 12:44 - 2017-05-15 13:58 - 000003380 _____ C:\Windows\System32\Tasks\WinZip Update Notifier
2019-02-04 12:44 - 2015-12-15 11:34 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-04 12:44 - 2015-12-15 11:33 - 000003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415390993
2019-02-04 12:44 - 2015-12-03 18:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-04 12:44 - 2015-06-24 10:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-04 12:44 - 2015-05-28 12:27 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-04 12:44 - 2015-05-10 22:25 - 000003282 _____ C:\Windows\System32\Tasks\SoftwareInformerService
2019-02-04 12:44 - 2014-11-07 21:06 - 000002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-04 12:44 - 2014-11-05 07:39 - 000003520 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2019-02-04 10:33 - 2018-08-31 08:28 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-04 10:33 - 2018-08-31 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-30 09:33 - 2016-02-09 18:55 - 000000000 ____D C:\Users\m\scany
2019-01-29 21:14 - 2014-11-04 21:23 - 000000000 ____D C:\Users\UpdatusUser
2019-01-21 11:03 - 2017-11-12 18:47 - 000000000 ____D C:\Users\m\AppData\Local\C55D15D0-4E46-4797-82FF-7B3F63036861.aplzod
2019-01-21 11:02 - 2014-11-11 11:45 - 000000000 ____D C:\Users\m\AppData\Local\Apple Computer
2019-01-21 10:55 - 2016-10-02 18:09 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-17 09:24 - 2017-11-21 08:38 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-17 09:24 - 2017-10-17 11:13 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-17 09:23 - 2018-10-23 08:08 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-17 09:23 - 2016-10-02 18:09 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 15:06 - 2018-04-23 20:56 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-15 09:37 - 2018-04-23 20:54 - 000000000 ____D C:\Users\m\AppData\Local\AVAST Software
2019-01-13 20:00 - 2015-01-04 19:47 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-01-11 09:19 - 2017-10-04 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-01-10 05:00 - 2018-12-23 19:37 - 000000000 ____D C:\Program Files (x86)\iTV
2019-01-09 12:30 - 2014-11-07 20:49 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 12:30 - 2014-11-07 20:49 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 23:36 - 2018-12-29 09:26 - 000016075 _____ C:\Users\m\Downloads\20181229 -Proforma invoice sent to Mirek from Czech.pdf
2019-01-08 23:29 - 2018-12-05 13:31 - 000027136 _____ C:\Users\m\Downloads\PROFORMA INVOICE to Mirek CZ-M-12052018.xls
2019-01-08 21:20 - 2018-07-02 13:15 - 000001312 _____ C:\Users\m\Desktop\Gisen 07.2018.xls.lnk
==================== Files in the root of some directories =======
2015-10-21 19:28 - 2015-08-27 15:48 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-11-25 16:08 - 2019-02-06 13:02 - 000262123 _____ () C:\Users\m\AppData\Roaming\Error.log
2016-02-07 19:34 - 2016-02-07 19:34 - 000000017 _____ () C:\Users\m\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-02-03 17:28
==================== End of FRST.txt ============================
Ran by m (administrator) on M-PC (06-02-2019 15:39:28)
Running from C:\Users\m\Desktop
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\m\Desktop\FRST64(2).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-19] (WinZip)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [dvd43] => C:\Program Files (x86)\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM-x32\...\Run: [SFM 4 B2 Mouse Driver] => C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse\Monitor.exe [614400 2018-05-14] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10431176 2017-01-20] (Softdeluxe Ltd. -> FreeDownloadManager.org)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2017-05-17]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2016-09-17]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
Startup: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-07-25]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{464C6660-F1BE-4595-B543-DE14D7A085CE}: [DhcpNameServer] 109.205.75.22
Tcpip\..\Interfaces\{6F01AEF7-0D77-47A4-B029-C65780083693}: [DhcpNameServer] 178.17.0.11 178.17.0.12
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.117,1]
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930854286339096&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 0AD95A27AF13D04D9447BD9B2E2B0761 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 28F55112567F11A7DBADE182EB0E2AFF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 6561DF71FFA8F9C488FEF0C602C8F88A URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 8B2130DBC0AEAA85CBFB5E9FEC1C1479 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Eyeo GmbH -> Adblock Plus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
FireFox:
========
FF ProfilePath: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 [2019-02-06]
FF Homepage: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxp://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\wy33w0jp.default-1478070043204 -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF Extension: (IBM Security Rapport) - C:\Users\m\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2019-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\m\AppData\Local\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Prezentace) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-23]
CHR Extension: (Dokumenty) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Disk Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (IBM Security Rapport) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-09-30]
CHR Extension: (Seznam doplněk - Email) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-12-21]
CHR Extension: (YouTube) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Vyhledávání Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-01]
CHR Extension: (Avast Online Security) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-01]
CHR Extension: (Gmail) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-01]
CHR HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 InCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG -> Nero AG)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401040 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 NeroRegInCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG -> Nero AG)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5264888 2018-12-26] (IBM -> IBM Corp.)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics CO., LTD. -> Samsung Electronics)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [507392 2015-06-27] (Microsoft Windows Hardware Compatibility Publisher -> ITETech )
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3538432 2012-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Microsoft Windows -> Emulex)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14741632 2012-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [168984 2009-10-16] (Nero AG -> Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [60952 2009-10-16] (Nero AG -> Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [22040 2009-10-16] (Nero AG -> Nero AG)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-01-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MEDIATEK INC. -> MediaTek Inc.)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [501256 2018-12-26] (IBM -> IBM Corp.)
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [725192 2018-12-26] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [461768 2018-12-26] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [604752 2018-09-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [758168 2018-12-26] (IBM -> IBM Corp.)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [167936 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> ATEN)
S3 SoundcraftUSBAudio; C:\Windows\System32\DRIVERS\SoundcraftUSBAudio_x64.sys [269312 2015-09-03] (Harman Music Group Inc. -> )
S3 SoundcraftUSBAudioks; C:\Windows\System32\DRIVERS\SoundcraftUSBAudioks_x64.sys [50688 2015-09-03] (Harman Music Group Inc. -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 15:25 - 2019-02-06 15:26 - 000105044 _____ C:\Windows\ntbtlog.txt
2019-02-06 15:24 - 2019-02-06 15:24 - 000000000 ____D C:\Users\m\Desktop\nouzák
2019-02-06 14:58 - 2019-02-06 15:40 - 000032272 _____ C:\Users\m\Desktop\FRST.txt
2019-02-06 14:25 - 2019-02-06 14:59 - 000066348 _____ C:\Users\m\Desktop\Addition.txt
2019-02-06 13:16 - 2019-02-06 13:17 - 000000413 _____ C:\Users\m\Downloads\Search.txt
2019-02-06 13:15 - 2019-02-06 13:15 - 002433024 _____ (Farbar) C:\Users\m\Desktop\FRST64(2).exe
2019-02-06 11:35 - 2019-02-06 11:35 - 002433024 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
2019-02-06 11:09 - 2019-02-06 11:09 - 007316688 _____ (Malwarebytes) C:\Users\m\Downloads\adwcleaner_7.2.7.0.exe
2019-02-06 10:52 - 2019-02-06 10:52 - 001222144 _____ C:\Users\m\Downloads\RSITx64(1).exe
2019-02-06 10:30 - 2019-02-06 10:31 - 000491363 _____ C:\Users\m\Downloads\fwpoptvka.zip
2019-02-06 10:16 - 2019-02-06 10:16 - 000322056 _____ (Mozilla) C:\Users\m\Downloads\Firefox Installer.exe
2019-02-06 10:14 - 2019-02-06 10:15 - 000712678 _____ C:\Users\m\Desktop\Záložky 2019.html
2019-02-05 18:04 - 2019-02-05 18:04 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG)(1).xls
2019-02-05 18:02 - 2019-02-05 18:02 - 000252681 _____ C:\Users\m\Downloads\prilohy_54516.zip
2019-02-05 17:54 - 2019-02-05 17:54 - 001080486 _____ C:\Users\m\Downloads\Spigot truss and stage (CRYSTAL).pdf
2019-02-05 12:38 - 2019-02-05 12:39 - 000000000 ____D C:\Users\m\Desktop\chris rea
2019-02-05 12:33 - 2019-02-05 12:34 - 164698825 _____ C:\Users\m\Downloads\Chris Rea_mp3.rar
2019-02-04 18:39 - 2019-02-04 18:53 - 616799430 _____ C:\Users\m\Downloads\Amatérské rádio PE 2018.rar
2019-02-04 18:39 - 2019-02-04 18:50 - 421465641 _____ C:\Users\m\Downloads\Amatérské rádio 2017.rar
2019-02-02 17:06 - 2019-02-02 17:43 - 2070805738 _____ C:\Users\m\Desktop\Bohemian Rhapsody CZ TITULKY 2018 NOVINKA Queen Freddie Mercury Rami Malek Lucy Boynton Rapsody Rapsodi české titulky RODINNÝ RODINNÁ DRAMA DRÁMA HUDEBNÍ HUDOBNÝ ŽIVOTOPISNÍ ŽIVOTOPISNÝ.avi
2019-02-02 15:15 - 2019-02-02 15:28 - 992362682 _____ C:\Users\m\Desktop\Po cem muzi touzi 2018 CZ.avi
2019-01-31 17:40 - 2019-01-31 17:40 - 001221276 _____ C:\Users\m\Downloads\Odprodej_nepotřebného_majetku-KRPZ-100730-28_ČJ-2018-1500AO-služební_dopravní_prostředky.pdf
2019-01-30 09:33 - 2019-01-30 09:33 - 000544605 _____ C:\Users\m\Desktop\Kovohutě.pdf
2019-01-30 09:21 - 2019-01-30 09:21 - 000418903 _____ C:\Users\m\Downloads\Kh, Přijatá objednávka - Kupní smlouva CZ.pdf
2019-01-29 11:04 - 2019-01-29 11:04 - 003868748 _____ C:\Users\m\Downloads\SiCompact_v3_3_Build6(2).zip
2019-01-29 10:27 - 2019-01-29 10:33 - 176181196 _____ C:\Users\m\Downloads\uiupdate-k-3.0.7865-ui24v2.zip
2019-01-29 08:49 - 2019-01-29 08:50 - 000111881 _____ C:\Users\m\Downloads\priloha_643661555_0_Inventura OSVČ.pdf
2019-01-29 08:49 - 2019-01-29 08:49 - 000163315 _____ C:\Users\m\Downloads\zprava_643661555_prijata.zfo
2019-01-28 09:33 - 2019-01-28 09:33 - 000001111 _____ C:\Users\m\Desktop\Hrdina silnicní 2018.xml
2019-01-28 09:08 - 2019-01-28 09:08 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-28 09:08 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iPod
2019-01-28 09:07 - 2019-01-28 09:08 - 000000000 ____D C:\Program Files\iTunes
2019-01-28 08:59 - 2019-01-28 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-25 09:01 - 2019-01-25 09:01 - 000000523 _____ C:\Users\m\Desktop\kara.JPEG.lnk
2019-01-25 09:00 - 2019-01-25 09:02 - 000093301 _____ C:\Users\m\Desktop\kara.JPEG
2019-01-24 15:36 - 2019-01-24 15:36 - 000620343 _____ C:\Users\m\Desktop\FAM TRIP KOLUMBIE 2016.pdf
2019-01-24 15:20 - 2019-01-24 15:20 - 000282385 _____ C:\Users\m\Desktop\faktura zes.pdf
2019-01-24 15:19 - 2019-01-24 15:18 - 000245152 _____ C:\Users\m\Desktop\faktura Litvínov.pdf
2019-01-24 15:17 - 2019-01-24 15:17 - 000432444 _____ C:\Users\m\Desktop\faktura Neubert.pdf
2019-01-24 15:16 - 2019-01-24 15:15 - 000437734 _____ C:\Users\m\Desktop\faktura Roudnice.pdf
2019-01-24 09:29 - 2019-01-24 09:29 - 000006209 _____ C:\Users\m\Desktop\J. Hrdina KH 4.Q 18.xml
2019-01-21 23:40 - 2019-01-22 09:21 - 000642705 _____ C:\Users\m\Downloads\Součet Fidlovačka Listopad + Prosinec 2.pages
2019-01-21 10:55 - 2019-01-21 10:55 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 10:34 - 2019-01-21 10:38 - 269393736 _____ (Apple Inc.) C:\Users\m\Downloads\iTunes64Setup(3).exe
2019-01-21 08:29 - 2019-01-21 08:29 - 000203448 _____ C:\Users\m\Downloads\new power supply .pdf
2019-01-21 08:24 - 2019-01-21 08:24 - 000314319 _____ C:\Users\m\Downloads\Thomann_Retoure_2044149.pdf
2019-01-21 08:18 - 2019-01-21 08:18 - 000171345 _____ C:\Users\m\Downloads\D 4CH POWER SUPPLY .pdf
2019-01-18 09:56 - 2019-01-18 09:56 - 000138952 _____ C:\Users\m\Downloads\Pay confirmation (2).pdf
2019-01-18 09:55 - 2019-01-18 09:55 - 000138952 _____ C:\Users\m\Desktop\Pay confirmation (2).pdf
2019-01-18 09:53 - 2019-01-18 09:53 - 000197630 _____ C:\Users\m\Downloads\Jaromir-Hrdina-A-Z-servis117-HQLITE.pdf
2019-01-18 09:52 - 2019-01-18 09:52 - 000138952 _____ C:\Users\m\Downloads\DokladProvedeni_566591.pdf
2019-01-18 08:48 - 2019-01-18 08:48 - 000010279 _____ C:\Users\m\Downloads\原始-小杨-捷克-恒生-201890118-Proforma invoice sent to Mirek(Jaromir Hrdina) from Czech.pdf
2019-01-18 08:19 - 2019-01-18 08:19 - 000000000 ____D C:\Users\m\AppData\LocalLow\Oracle
2019-01-17 14:22 - 2019-01-17 14:22 - 000213666 _____ C:\Users\m\Downloads\551184364.pdf
2019-01-17 14:21 - 2019-01-17 14:21 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs(1).pdf
2019-01-17 14:14 - 2019-01-17 14:14 - 000051662 _____ C:\Users\m\Downloads\2018_12_27_39541033.pdf
2019-01-17 13:49 - 2019-01-17 13:49 - 003998157 _____ C:\Users\m\Downloads\prilohy_171933.zip
2019-01-17 13:44 - 2019-01-17 13:44 - 000592128 _____ C:\Users\m\Downloads\Potvrzení pro daňový odpočet(1).pdf
2019-01-17 11:16 - 2019-01-17 11:16 - 000278016 _____ C:\Users\m\Desktop\PI-hrdinaj 0726-czech republiky-HQLITE.xls
2019-01-17 09:25 - 2019-01-17 09:23 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-17 09:25 - 2019-01-17 09:23 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-17 09:25 - 2019-01-17 09:23 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28923484.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168609 _____ C:\Users\m\Downloads\28913398.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 000168608 _____ C:\Users\m\Downloads\25924057.pdf
2019-01-15 11:59 - 2019-01-18 08:53 - 004194054 _____ C:\Users\m\Downloads\Hqlite-quote1901-6.8.pdf
2019-01-14 09:20 - 2019-01-14 09:20 - 000066312 _____ C:\Users\m\Downloads\77748121_1_1132_20190111.pdf
2019-01-14 09:16 - 2019-01-14 09:15 - 001307015 _____ C:\Users\m\Desktop\Faktura Strakonice2.pdf
2019-01-13 22:14 - 2019-01-13 22:13 - 001322130 _____ C:\Users\m\Desktop\faktury Strakonice.pdf
2019-01-12 16:37 - 2019-01-12 16:37 - 008595456 _____ C:\Users\m\Downloads\PI TRUSS AND STAGE(CRYSTAL WANG).xls
2019-01-10 11:10 - 2019-01-10 11:10 - 000046195 _____ C:\Users\m\Downloads\Zálohová faktura 14180003(1).pdf
2019-01-10 10:57 - 2019-01-10 10:58 - 000095916 _____ C:\Users\m\Downloads\3801021872.pdf
2019-01-10 10:53 - 2019-01-10 10:53 - 000253855 _____ C:\Users\m\Downloads\PI 19-01107S.pdf
2019-01-10 10:47 - 2019-01-10 10:47 - 000118136 _____ C:\Users\m\Downloads\Tipa - faktura II. - 128 aktualni(1).pdf
2019-01-10 10:41 - 2019-01-10 10:41 - 000206182 _____ C:\Users\m\Downloads\Faktura vydaná_FV18113908.pdf
2019-01-10 09:52 - 2019-01-10 09:52 - 000087920 _____ C:\Users\m\Downloads\Daňový doklad o přijetí platby 15180002(2).pdf
2019-01-10 09:24 - 2019-01-10 09:24 - 000085045 _____ C:\Users\m\Downloads\77748121_20181228_20190109.pdf
2019-01-10 05:00 - 2019-01-10 05:00 - 000000000 ___HD C:\$AV_ASW
2019-01-09 10:28 - 2019-01-09 10:28 - 000001820 _____ C:\Users\Public\Desktop\SFM 4 B2 Mouse Driver.lnk
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\Users\m\AppData\Roaming\SFM 4 B2 Mouse
2019-01-09 10:28 - 2019-01-09 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFM 4 B2 Mouse
2019-01-09 09:50 - 2019-01-09 09:50 - 000015700 _____ C:\Users\m\Downloads\Subject(2).PDF
2019-01-09 09:49 - 2019-01-09 09:49 - 000015700 _____ C:\Users\m\Downloads\Subject(1).PDF
2019-01-09 09:47 - 2019-01-09 09:47 - 000115589 _____ C:\Users\m\Downloads\CLRI409260430128_5011305896954518927.pdf
2019-01-09 08:50 - 2019-01-09 08:50 - 000368128 _____ C:\Users\m\Downloads\faktura Weinas 12-2018(1).xls
2019-01-09 08:48 - 2019-01-09 08:49 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610(1).pdf
2019-01-08 23:43 - 2019-01-08 23:43 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(3).xls
2019-01-08 23:31 - 2019-01-08 23:31 - 000027136 _____ C:\Users\m\Downloads\faktura gisen 12.18.xls
2019-01-08 22:42 - 2019-01-08 22:42 - 000027136 _____ C:\Users\m\Downloads\梅捷克 Jaromir (LHM20180912)(2).xls
2019-01-08 22:37 - 2019-01-08 22:37 - 000078741 _____ C:\Users\m\Downloads\544(1).tiff
2019-01-08 21:43 - 2019-01-08 21:43 - 000075003 _____ C:\Users\m\Downloads\77748121_20181210_20190107.pdf
2019-01-08 21:10 - 2019-01-08 21:10 - 000646960 _____ C:\Users\m\Downloads\prilohy_166409.zip
2019-01-08 20:38 - 2019-01-08 20:38 - 000138251 _____ C:\Users\m\Downloads\DokladProvedeni_535832.pdf
2019-01-08 17:09 - 2019-01-08 17:09 - 000056265 _____ C:\Users\m\Downloads\055b0e6d-3e1a-4ee7-b041-d6260b570480.pdf
2019-01-08 09:13 - 2019-01-08 09:14 - 000015660 _____ C:\Users\m\Downloads\Subject.PDF
2019-01-07 11:39 - 2019-01-07 11:39 - 000075676 _____ C:\Users\m\Downloads\CLRI724965744740_021531841283040.pdf
2019-01-07 11:38 - 2019-01-07 11:38 - 000100491 _____ C:\Users\m\Downloads\JSD.pdf
2019-01-07 11:37 - 2019-01-07 11:37 - 000076753 _____ C:\Users\m\Downloads\CLRI784334076702_021545309061610.pdf
2019-01-07 11:36 - 2019-01-07 11:36 - 000033578 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1812.pdf
2019-01-07 11:34 - 2019-01-07 11:34 - 000033553 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1811.pdf
2019-01-07 11:33 - 2019-01-07 11:33 - 000033565 _____ C:\Users\m\Downloads\Vyuctovani_50214520_1810(1).pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000068754 _____ C:\Users\m\Downloads\2019-01-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:40 - 2019-01-07 10:40 - 000062674 _____ C:\Users\m\Downloads\2019-01-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:39 - 2019-01-07 10:39 - 000068100 _____ C:\Users\m\Downloads\2018-12-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:38 - 2019-01-07 10:39 - 000062868 _____ C:\Users\m\Downloads\2018-12-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000069389 _____ C:\Users\m\Downloads\2018-11-01-3613766754-5_62871_10_00_100000-fs.pdf
2019-01-07 10:37 - 2019-01-07 10:37 - 000062553 _____ C:\Users\m\Downloads\2018-11-01-3620769603-5_62871_10_00_100001-fs.pdf
2019-01-07 10:35 - 2019-01-07 10:35 - 000037224 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326304.pdf
2019-01-07 10:34 - 2019-01-07 10:35 - 000039879 _____ C:\Users\m\Downloads\Vyúčtování_2018_10-1363326301.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 15:39 - 2015-09-14 12:41 - 000000000 ____D C:\FRST
2019-02-06 15:36 - 2014-11-07 21:09 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-06 15:36 - 2011-04-12 09:34 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-02-06 15:36 - 2011-04-12 09:34 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-02-06 15:36 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 15:36 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-06 15:36 - 2009-07-14 05:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-06 15:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-06 15:34 - 2018-03-01 19:51 - 000000085 _____ C:\Windows\Wininit.ini
2019-02-06 15:34 - 2016-10-31 21:23 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-02-06 15:33 - 2016-12-02 17:52 - 000000000 ____D C:\Users\m\AppData\LocalLow\Mozilla
2019-02-06 15:33 - 2016-10-31 21:23 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-02-06 15:31 - 2018-11-25 20:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-06 15:31 - 2017-11-12 18:47 - 000000000 ___RD C:\Users\m\iCloudDrive
2019-02-06 15:31 - 2017-01-31 22:23 - 000000000 ____D C:\Users\m\AppData\Local\Free Download Manager
2019-02-06 15:30 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-06 14:13 - 2016-10-28 09:53 - 000000000 ____D C:\Users\m\AppData\LocalLow\Temp
2019-02-06 12:54 - 2015-03-26 09:00 - 000000000 ____D C:\Users\m\Documents\bordel plocha
2019-02-06 11:38 - 2016-10-02 08:57 - 000056908 _____ C:\Users\m\Downloads\FRST.txt
2019-02-06 11:38 - 2015-09-14 12:42 - 000068343 _____ C:\Users\m\Downloads\Addition.txt
2019-02-06 11:29 - 2015-12-15 18:37 - 000000000 ____D C:\Program Files\trend micro
2019-02-06 11:17 - 2017-05-06 09:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 11:17 - 2014-11-07 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 11:12 - 2015-12-15 20:40 - 000000000 ____D C:\AdwCleaner
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\Roaming\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\Users\m\AppData\LocalLow\IObit
2019-02-06 11:12 - 2014-11-13 18:57 - 000000000 ____D C:\ProgramData\IObit
2019-02-06 10:21 - 2014-11-07 20:43 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 10:20 - 2015-05-13 19:01 - 000000000 ____D C:\Users\m\AppData\Local\CrashDumps
2019-02-06 10:19 - 2014-11-07 20:43 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-06 10:19 - 2014-11-07 20:43 - 000001147 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-02-06 10:03 - 2017-05-15 19:53 - 006980216 _____ (ESET spol. s r.o.) C:\Users\m\Downloads\esetonlinescanner_csy.exe
2019-02-05 17:57 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-02-05 13:46 - 2014-11-07 21:06 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 08:31 - 2017-03-03 08:11 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-04 18:44 - 2017-08-30 12:45 - 000000000 ____D C:\Windows\AutoKMS
2019-02-04 18:43 - 2016-07-07 18:52 - 000151552 _____ C:\Windows\KMSEmulator.exe
2019-02-04 12:44 - 2018-03-17 10:47 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-04 12:44 - 2018-03-07 10:17 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-04 12:44 - 2017-11-12 18:46 - 000003404 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2019-02-04 12:44 - 2017-05-15 13:58 - 000003380 _____ C:\Windows\System32\Tasks\WinZip Update Notifier
2019-02-04 12:44 - 2015-12-15 11:34 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-04 12:44 - 2015-12-15 11:33 - 000003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415390993
2019-02-04 12:44 - 2015-12-03 18:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-04 12:44 - 2015-06-24 10:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-04 12:44 - 2015-05-28 12:27 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-04 12:44 - 2015-05-10 22:25 - 000003282 _____ C:\Windows\System32\Tasks\SoftwareInformerService
2019-02-04 12:44 - 2014-11-07 21:06 - 000002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-04 12:44 - 2014-11-05 07:39 - 000003520 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2019-02-04 10:33 - 2018-08-31 08:28 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-04 10:33 - 2018-08-31 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-30 09:33 - 2016-02-09 18:55 - 000000000 ____D C:\Users\m\scany
2019-01-29 21:14 - 2014-11-04 21:23 - 000000000 ____D C:\Users\UpdatusUser
2019-01-21 11:03 - 2017-11-12 18:47 - 000000000 ____D C:\Users\m\AppData\Local\C55D15D0-4E46-4797-82FF-7B3F63036861.aplzod
2019-01-21 11:02 - 2014-11-11 11:45 - 000000000 ____D C:\Users\m\AppData\Local\Apple Computer
2019-01-21 10:55 - 2016-10-02 18:09 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-17 09:24 - 2017-11-21 08:38 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-17 09:24 - 2017-10-17 11:13 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-17 09:24 - 2016-10-02 18:09 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-17 09:23 - 2018-10-23 08:08 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-17 09:23 - 2016-10-02 18:09 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 15:06 - 2018-04-23 20:56 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-15 09:37 - 2018-04-23 20:54 - 000000000 ____D C:\Users\m\AppData\Local\AVAST Software
2019-01-13 20:00 - 2015-01-04 19:47 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-01-11 09:19 - 2017-10-04 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-01-10 05:00 - 2018-12-23 19:37 - 000000000 ____D C:\Program Files (x86)\iTV
2019-01-09 12:30 - 2014-11-07 20:49 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 12:30 - 2014-11-07 20:49 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 12:30 - 2014-11-07 20:49 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 23:36 - 2018-12-29 09:26 - 000016075 _____ C:\Users\m\Downloads\20181229 -Proforma invoice sent to Mirek from Czech.pdf
2019-01-08 23:29 - 2018-12-05 13:31 - 000027136 _____ C:\Users\m\Downloads\PROFORMA INVOICE to Mirek CZ-M-12052018.xls
2019-01-08 21:20 - 2018-07-02 13:15 - 000001312 _____ C:\Users\m\Desktop\Gisen 07.2018.xls.lnk
==================== Files in the root of some directories =======
2015-10-21 19:28 - 2015-08-27 15:48 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-11-25 16:08 - 2019-02-06 13:02 - 000262123 _____ () C:\Users\m\AppData\Roaming\Error.log
2016-02-07 19:34 - 2016-02-07 19:34 - 000000017 _____ () C:\Users\m\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-02-03 17:28
==================== End of FRST.txt ============================
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Uz tu, prosim nedavajte nic, az kym vam nepoviem, lebo som zmeteny.
Chodte do nudzoveho rezimu.
Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Chodte do nudzoveho rezimu.
Do poznamkoveho bloku skopirujte obsah dole:
Kód: Vybrat vše
CloseProcesses:
C:\windows\kmsemulator.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Fix result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by m (06-02-2019 16:20:36) Run:3
Running from C:\Users\m\Desktop
Loaded Profiles: m (Available Profiles: m & UpdatusUser)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
CloseProcesses:
C:\windows\kmsemulator.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
*****************
Processes closed successfully.
C:\windows\kmsemulator.exe => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5903b727-1677-11e5-9201-68942328a459} => removed successfully
HKLM\Software\Classes\CLSID\{5903b727-1677-11e5-9201-68942328a459} => not found
HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea5a313e-4ed1-11e7-a479-68942328a45a} => removed successfully
HKLM\Software\Classes\CLSID\{ea5a313e-4ed1-11e7-a479-68942328a45a} => not found
"C:\Program Files\MediaTek\SP Driver\SPDriverInstall" => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray => removed successfully
The system needed a reboot.
==== End of Fixlog 16:20:39 ====
Ran by m (06-02-2019 16:20:36) Run:3
Running from C:\Users\m\Desktop
Loaded Profiles: m (Available Profiles: m & UpdatusUser)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
CloseProcesses:
C:\windows\kmsemulator.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {5903b727-1677-11e5-9201-68942328a459} - F:\laucher.exe
HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\MountPoints2: {ea5a313e-4ed1-11e7-a479-68942328a45a} - F:\HiSuiteDownLoader.exe
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ()
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
*****************
Processes closed successfully.
C:\windows\kmsemulator.exe => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5903b727-1677-11e5-9201-68942328a459} => removed successfully
HKLM\Software\Classes\CLSID\{5903b727-1677-11e5-9201-68942328a459} => not found
HKU\S-1-5-21-437069544-115546471-2938306295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea5a313e-4ed1-11e7-a479-68942328a45a} => removed successfully
HKLM\Software\Classes\CLSID\{ea5a313e-4ed1-11e7-a479-68942328a45a} => not found
"C:\Program Files\MediaTek\SP Driver\SPDriverInstall" => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray => removed successfully
The system needed a reboot.
==== End of Fixlog 16:20:39 ====
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
odinstalujte Spybot
hodte sem vysledok testu, otestujte subor a po skene sem vlozte url.
C:\Windows\System32\DRIVERS\ser2at64.sys
hodte sem vysledok testu, otestujte subor a po skene sem vlozte url.
C:\Windows\System32\DRIVERS\ser2at64.sys
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Spybot již nikde nevidím a hlasilo to, že je odinstalovaný
Basic Properties
MD5
1e687394129b3c579ddfb64c270c5a83
SHA-1
7ccb6ab124b71a6601c24c1f94a92760917beca2
Authentihash
7cab52769db42c46dcda9033ff61d5b37110b74ffdf8b9af110b785d4ae6b902
Imphash
eca39b746a653804c49484d6f6a9521d
File Type
Win32 EXE
Magic
PE32+ executable for MS Windows (native) Mono/.Net assembly
SSDeep
3072:BkGDNPAB8lXKIRNxGydEdqyheDgnUBK9wAYyp5SZDwN5qCJZr:GGdrIIRNxdi9
TRiD
OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
File Size
164 KB
Basic Properties
MD5
1e687394129b3c579ddfb64c270c5a83
SHA-1
7ccb6ab124b71a6601c24c1f94a92760917beca2
Authentihash
7cab52769db42c46dcda9033ff61d5b37110b74ffdf8b9af110b785d4ae6b902
Imphash
eca39b746a653804c49484d6f6a9521d
File Type
Win32 EXE
Magic
PE32+ executable for MS Windows (native) Mono/.Net assembly
SSDeep
3072:BkGDNPAB8lXKIRNxGydEdqyheDgnUBK9wAYyp5SZDwN5qCJZr:GGdrIIRNxdi9
TRiD
OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
File Size
164 KB
Re: Prosím o kontrolu záseky systému, kolečko nejde vypnout
Uploadnite ten subor na havetarnu - odkaz v mojom podpise.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Přispějete na provoz fóra?