
All times are UTC + 1 hour




Post subject: blue windows
Posted: 11 Feb 2019 22:05
Hi guys, only when playing GTA 5 I get the blue windows (see the picture - https://uloz.to/!l17glH1IloXH/1-jpg) and the system restarts. It is quite a problem when you are finishing a long mission and the PC restarts just before the end of the mission. I should point out that everything is genuine, both GTA 5 and Windows.

Thanks for any ADVICE


Post subject: Re: blue windows
Posted: 12 Feb 2019 06:30
We are not a gaming forum.

If it only happens with this game, it may be a CPU overload.

Try this: https://www.tenforums.com/tutorials/690 ... -10-a.html
specifically OPTION ONE

When you get to this window: https://www.tenforums.com/attachments/t ... tart-2.png

untick the Automatically Restart checkbox.

Post subject: Re: blue windows
Posted: 12 Feb 2019 15:25
Thank you for the reply. I am already dealing with it on a gaming forum and am waiting for an answer. Even so, I would like to ask for a check of the log. If I should move the request to another section, just say so. I will comply with everything.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2019 01
Ran by Atari (administrator) on ATARI-PC (12-02-2019 15:23:02)
Running from F:\stažené
Loaded Profiles: Atari (Available Profiles: Atari)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\DELL\Dell Laser Printer 1110\LocalSM\jbDetect.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dell Laser Printer 1110 SM_JB] => C:\Program Files (x86)\DELL\Dell Laser Printer 1110\LocalSM\jbDetect.exe [222448 2009-08-21] (Dell Inc. -> )
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Atari\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {4275f2f7-08bc-11e8-a5ef-e03f4986cf50} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {a54588ce-fd53-11e7-92d4-806e6f6e6963} - G:\Bin\ASSETUP.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {d3c562d4-fd57-11e7-a57b-806e6f6e6963} - G:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-27] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{218B770E-D2F9-4ADE-80CE-05FB52A2B68F}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {1FB0EA19-0358-4CA8-9DA0-975EA9C0EF68} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {259C1EA4-1866-415B-81CC-B4665A424B59} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {2D653AF0-AC66-408A-9A8D-353E7234B3F1} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {322203C9-31C6-4459-A147-96FD73BD58F3} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {6A80711B-02DB-4C13-A2A3-A6F4F18C983C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {BC2871AA-A465-4E7A-9513-568359BEA0E1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {CAF9507C-76C4-4FE1-A242-DA68414011E7} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {D67844AF-C1E4-4296-BC12-5FA248FC122C} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {E2E52D39-875F-4FEB-B5E9-A4A22EB2FF31} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 2h739zmo.default
FF ProfilePath: C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default [2019-02-12]
FF Homepage: Mozilla\Firefox\Profiles\2h739zmo.default -> seznam.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\2h739zmo.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast Passwords) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-12]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-11-25]
FF Extension: (Avast SafePrice) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\sp@avast.com.xpi [2018-06-21]
FF Extension: (Avast Online Security) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\wrc@avast.com.xpi [2019-01-30]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> "active": true,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"

CHR Profile: C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default [2019-02-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2018-09-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-30]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-30]
CHR Extension: (Avast Online Security) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-30]
CHR Extension: (Chrome Media Router) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-30]
CHR HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499080 2019-01-23] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-01-22] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [367728 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [106816 2013-05-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52797832 2019-01-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [579976 2019-01-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237416 2018-12-29] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [82240 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [42304 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\Performance Profile Client\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-19] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [512048 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2019-02-11] (CPUID -> CPUID)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-29] (Martin Malik - REALiX -> REALiX(tm))
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-12 15:22 - 2019-02-12 15:23 - 000000000 ____D C:\FRST
2019-02-11 21:56 - 2019-02-11 21:57 - 000834254 _____ C:\Users\Atari\Desktop\Bez názvu.bmp
2019-02-11 21:34 - 2019-02-11 21:34 - 917434233 _____ C:\Windows\MEMORY.DMP
2019-02-11 21:34 - 2019-02-11 21:34 - 000280312 _____ C:\Windows\Minidump\021119-13072-01.dmp
2019-02-11 17:22 - 2019-02-11 21:34 - 000000000 ____D C:\Windows\Minidump
2019-02-06 09:52 - 2019-02-06 09:52 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-03 16:48 - 2019-02-12 15:02 - 000003102 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-02-03 16:48 - 2019-02-11 21:34 - 000003290 _____ C:\Windows\System32\Tasks\StartCNBM
2019-02-03 16:48 - 2019-02-11 21:34 - 000003146 _____ C:\Windows\System32\Tasks\StartCN
2019-02-03 16:48 - 2019-02-11 21:34 - 000003116 _____ C:\Windows\System32\Tasks\ModifyLinkUpdate
2019-02-03 16:48 - 2019-02-03 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-02-03 16:48 - 2019-02-03 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\##ID_STRING16##
2019-02-03 16:23 - 2019-02-03 16:23 - 026485000 _____ (AMD Inc.) C:\Users\Atari\Downloads\radeon-software-adrenalin-2019-19.1.2-minimalsetup-190124_64bit.exe
2019-01-23 02:02 - 2019-01-23 02:02 - 056423816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2019-01-23 02:02 - 2019-01-23 02:02 - 000331656 _____ C:\Windows\system32\clinfo.exe
2019-01-23 02:02 - 2019-01-23 02:02 - 000168328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-01-23 02:02 - 2019-01-23 02:02 - 000144776 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-01-23 02:01 - 2019-01-23 02:01 - 046296456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2019-01-23 02:01 - 2019-01-23 02:01 - 026476936 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2019-01-23 02:01 - 2019-01-23 02:01 - 021245832 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2019-01-23 01:59 - 2019-01-23 01:59 - 001578376 _____ (AMD) C:\Windows\system32\coinst_18.50.dll
2019-01-23 01:58 - 2019-01-23 01:58 - 021582216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-01-23 01:58 - 2019-01-23 01:58 - 018369928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-01-23 01:58 - 2019-01-23 01:58 - 003726216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-01-23 01:58 - 2019-01-23 01:58 - 003354504 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-01-23 01:58 - 2019-01-23 01:58 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-01-23 01:58 - 2019-01-23 01:58 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-01-23 01:56 - 2019-01-23 01:56 - 032465288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 012248440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000178872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000156440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000156200 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000149384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000134280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000123240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000117072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000117072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000108296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000096424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-01-23 01:51 - 2019-01-23 01:51 - 000096424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-01-23 01:50 - 2019-01-23 01:50 - 052797832 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2019-01-23 01:50 - 2019-01-23 01:50 - 017202056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2019-01-23 01:50 - 2019-01-23 01:50 - 014903688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2019-01-23 01:50 - 2019-01-23 01:50 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2019-01-23 01:50 - 2019-01-23 01:50 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-01-23 01:50 - 2019-01-23 01:50 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2019-01-23 01:50 - 2019-01-23 01:50 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2019-01-23 01:45 - 2019-01-23 01:45 - 014170896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 015761288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 013332360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 001572408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000561544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000472456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2019-01-23 01:44 - 2019-01-23 01:44 - 000174472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000153480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000142728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000128392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2019-01-23 01:44 - 2019-01-23 01:44 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-01-23 01:44 - 2019-01-23 01:44 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-01-23 01:43 - 2019-01-23 01:43 - 000913288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-01-23 01:43 - 2019-01-23 01:43 - 000743304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-01-23 01:33 - 2019-01-23 01:33 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-01-23 01:32 - 2019-01-23 01:32 - 011063352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2019-01-23 01:32 - 2019-01-23 01:32 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-01-23 01:32 - 2019-01-23 01:32 - 000483208 _____ C:\Windows\system32\dgtrayicon.exe
2019-01-23 01:32 - 2019-01-23 01:32 - 000470920 _____ C:\Windows\system32\GameManager64.dll
2019-01-23 01:32 - 2019-01-23 01:32 - 000373128 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-01-23 01:32 - 2019-01-23 01:32 - 000172656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2019-01-23 01:32 - 2019-01-23 01:32 - 000155176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2019-01-23 01:32 - 2019-01-23 01:32 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2019-01-23 01:32 - 2019-01-23 01:32 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 001201544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 000748424 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-01-23 01:31 - 2019-01-23 01:31 - 000579976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2019-01-23 01:31 - 2019-01-23 01:31 - 000499080 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2019-01-23 01:31 - 2019-01-23 01:31 - 000493448 _____ (AMD) C:\Windows\system32\atitmm64.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 000430472 _____ C:\Windows\system32\atieah64.exe
2019-01-23 01:31 - 2019-01-23 01:31 - 000343944 _____ C:\Windows\SysWOW64\atieah32.exe
2019-01-23 01:31 - 2019-01-23 01:31 - 000202120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2019-01-23 01:31 - 2019-01-23 01:31 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-01-23 01:30 - 2019-01-23 01:30 - 000464776 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-01-23 01:30 - 2019-01-23 01:30 - 000373128 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-01-23 01:30 - 2019-01-23 01:30 - 000223624 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2019-01-23 01:21 - 2019-01-23 01:21 - 000906744 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-01-23 01:21 - 2019-01-23 01:21 - 000906744 _____ C:\Windows\system32\atiapfxx.blb
2019-01-22 19:47 - 2019-01-22 19:47 - 000173432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2019-01-22 19:47 - 2019-01-22 19:47 - 000145104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2019-01-15 19:21 - 2019-01-15 19:21 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-14 10:42 - 2019-01-14 10:42 - 001056020 _____ C:\Windows\system32\amdicdxx.dat

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-12 15:15 - 2009-07-14 05:45 - 000022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-12 15:15 - 2009-07-14 05:45 - 000022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-12 15:13 - 2018-01-27 12:58 - 000000000 ____D C:\Users\Atari\AppData\Local\Adobe
2019-02-12 15:12 - 2018-10-02 16:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-12 15:12 - 2018-10-02 16:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-12 15:12 - 2018-10-02 16:00 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-12 15:12 - 2018-10-02 16:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-12 15:12 - 2018-10-02 16:00 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-12 15:08 - 2018-09-29 20:05 - 000000000 ____D C:\Users\Atari\AppData\Roaming\Seznam.cz
2019-02-12 15:06 - 2011-04-12 09:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-02-12 15:06 - 2011-04-12 09:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-02-12 15:06 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-12 15:06 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-12 15:04 - 2018-01-21 18:18 - 000000000 ____D C:\Users\Atari\AppData\Local\AVAST Software
2019-02-12 15:03 - 2018-02-03 09:33 - 000000000 ____D C:\Users\Atari\AppData\LocalLow\Mozilla
2019-02-12 15:02 - 2018-02-17 18:45 - 000000200 _____ C:\Windows\Tasks\AutoKMS.job
2019-02-12 15:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-11 22:16 - 2018-01-19 22:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-11 21:34 - 2018-12-18 11:09 - 000003168 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2019-02-11 21:34 - 2018-10-02 11:20 - 000003550 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Atari-PC-Atari
2019-02-11 21:34 - 2018-06-19 21:26 - 000003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Atari-PC-Atari
2019-02-11 21:34 - 2018-01-27 13:42 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-11 21:34 - 2018-01-20 19:57 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-11 21:34 - 2018-01-20 19:57 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-11 21:34 - 2018-01-19 21:26 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-11 21:34 - 2018-01-19 21:26 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-11 20:35 - 2018-02-17 13:28 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-02-11 20:27 - 2018-12-18 11:09 - 000000000 ____D C:\Program Files (x86)\IObit
2019-02-11 10:43 - 2015-09-13 18:11 - 000000000 ___RD C:\Users\Atari\Desktop\Alda
2019-02-08 12:55 - 2018-05-15 10:21 - 000000000 ____D C:\Users\Atari\AppData\Local\CrashDumps
2019-02-06 21:26 - 2018-01-28 18:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 21:26 - 2018-01-19 21:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 09:50 - 2018-01-20 19:57 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 09:33 - 2018-12-18 11:09 - 000000000 ____D C:\ProgramData\ProductData
2019-02-04 09:33 - 2018-01-19 22:09 - 000000000 ____D C:\Users\Atari\AppData\Local\AMD
2019-02-04 09:28 - 2018-01-19 22:20 - 000109752 _____ C:\Users\Atari\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-04 09:27 - 2009-07-14 05:45 - 000409696 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-03 16:48 - 2018-09-30 07:48 - 000000000 ____D C:\Program Files (x86)\AMD
2019-02-03 16:48 - 2018-01-19 21:51 - 000000000 ____D C:\Program Files\AMD
2019-02-03 16:45 - 2018-07-17 09:10 - 000000000 ____D C:\Users\Atari\AppData\LocalLow\AMD
2019-02-03 16:45 - 2018-01-19 22:04 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-02-03 16:24 - 2018-06-28 11:19 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2019-02-03 16:23 - 2018-01-19 21:50 - 000000000 ____D C:\AMD
2019-01-30 17:24 - 2018-01-19 22:11 - 000000000 ___RD C:\Users\Atari\Desktop\koš
2019-01-23 01:56 - 2017-11-28 02:01 - 039765896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2019-01-23 01:51 - 2018-11-08 00:46 - 012883432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2019-01-23 01:45 - 2017-11-28 02:05 - 016992560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2019-01-23 01:44 - 2017-11-28 02:05 - 001932456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-01-23 01:32 - 2018-11-08 00:30 - 013733664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2019-01-23 01:32 - 2018-11-08 00:30 - 000190696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2019-01-23 01:32 - 2017-11-28 02:05 - 000206664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2019-01-23 01:31 - 2018-11-08 00:29 - 001201544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2019-01-23 01:31 - 2017-11-28 02:04 - 000230792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-01-23 01:31 - 2017-11-28 02:04 - 000159624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2019-01-23 01:31 - 2017-11-28 02:03 - 001653128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-01-19 10:09 - 2018-01-21 18:07 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-16 10:19 - 2018-12-18 11:09 - 000000000 ____D C:\ProgramData\IObit
2019-01-13 11:32 - 2018-08-23 10:43 - 000000000 ____D C:\Users\Atari\Desktop\IMPORT HDD

==================== Files in the root of some directories =======

2018-03-03 11:43 - 2018-10-09 17:43 - 000005632 _____ () C:\Users\Atari\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-03 12:48 - 2018-10-03 12:48 - 000000000 _____ () C:\Users\Atari\AppData\Local\oobelibMkey.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-04 10:20

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by Atari (12-02-2019 15:23:51)
Running from F:\stažené
Windows 7 Professional Service Pack 1 (X64) (2018-01-19 20:19:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4066017516-2149753528-1773050109-500 - Administrator - Disabled)
Atari (S-1-5-21-4066017516-2149753528-1773050109-1000 - Administrator - Enabled) => C:\Users\Atari
Guest (S-1-5-21-4066017516-2149753528-1773050109-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.1.2 - Advanced Micro Devices, Inc.)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
ConverterLite 1.6.11.0 (HKLM-x32\...\ConverterLite) (Version: 1.6.11.0 - ConverterLite)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)
Mp3 Knife 3.4 (HKLM-x32\...\Mp3 Knife_is1) (Version: - Vicky's Cool Softwares)
Odinstalace softwaru k Dell Laser Printer 1110 (HKLM-x32\...\Dell Laser Printer 1110) (Version: - DELL Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Seznam Software (HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype verze 8.31 (HKLM-x32\...\Skype_is1) (Version: 8.31 - Skype Technologies S.A.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-01-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14548CE6-71F1-4A0E-851C-D61EF1456B30} - \AutoKMS -> No File <==== ATTENTION
Task: {1867AE6E-D17F-40E6-A90A-436A5DE1282C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {286B3788-5B7D-4B30-A5B6-5E79D85277D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {290D9177-592D-4F41-8B52-D9160A6CC6EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AdobeAAMUpdater-1.0-Atari-PC-Atari" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0-Atari-PC-Atari" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\AMDLinkUpdate" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\ModifyLinkUpdate" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\SmartDefrag_AutoAnalyze" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\StartCNBM" /ENABLE
Task: {2FCBB84A-7B64-4FE8-9079-5E80108E52D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {478059A3-0D19-436E-91CF-271114A1E631} - System32\Tasks\AdobeGCInvoker-1.0-Atari-PC-Atari => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {58F2C2A4-55BC-419F-B663-F197AB6F96F9} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: {5DE82C14-2BA6-4CF8-A283-DED553377478} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {7F939DDA-2EBA-476A-9808-F6C85E6C634D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A71C0D00-FD69-43AF-9C9D-069973ED02F7} - System32\Tasks\AdobeAAMUpdater-1.0-Atari-PC-Atari => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BE77EE4B-E1EA-4177-86C0-D949588F986C} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C0ED64C9-FE8C-4489-A545-90E38B16AB14} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C363A9FF-A61C-429C-97EE-D7FE8D2B9F73} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {CEE613D2-CEB4-43F5-8F0D-5A81F58A5D04} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DA1D141C-6C6F-453D-9F4C-6A40F3F49402} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {EB85289F-7DFF-4527-B82D-CCE887822430} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE22576F-FBA6-48E6-9959-AB769A48F21F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-01-06 09:00 - 2019-01-06 09:00 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-06 09:00 - 2019-01-06 09:00 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-06 09:00 - 2019-01-06 09:00 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-06 09:00 - 2019-01-06 09:00 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-02-12 15:03 - 2019-02-12 15:03 - 006865040 _____ () C:\Program Files\AVAST Software\Avast\defs\19021202\algo64.dll
2018-09-29 20:06 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\1789libfoxloader-x64.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-02-04 09:31 - 2009-08-21 13:36 - 000222448 ____R () C:\Program Files (x86)\DELL\Dell Laser Printer 1110\LocalSM\jbDetect.exe
2019-01-06 09:01 - 2019-01-06 09:01 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-29 20:06 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-09-29 20:06 - 2017-02-08 12:39 - 000080576 _____ () C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-11-28 17:11 - 2018-11-28 17:11 - 000093136 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-13 15:58 - 2018-11-13 15:58 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-11-13 15:58 - 2018-11-13 15:58 - 002551808 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-01-22 19:25 - 2019-01-22 19:25 - 000256512 _____ () C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () C:\Program Files\AMD\Performance Profile Client\Platform.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () C:\Program Files\AMD\Performance Profile Client\Device.dll
2018-09-29 20:06 - 2018-02-21 10:36 - 000869584 _____ () C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-09-29 20:06 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Atari\AppData\Roaming\Seznam.cz\bin\1789libfoxloader.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-06 08:58 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Atari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AF4C46CE-D313-45D4-BB51-B06DF10F6F30}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B48FFAE1-E6B2-47CF-93F2-B0C02F4C3788}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C45F0532-589C-4160-9B10-E694F176565B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C92ABE34-0F20-4057-BB09-487BECF54C33}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{68558E0E-D76B-441A-8805-0A4A4888CD1C}] => (Allow) E:\Hry\Gta5\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9CD6981B-5ADD-4EA6-BE7E-DDEA34AE076F}] => (Allow) E:\Hry\Gta5\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{ADB596E3-F857-475B-B4CB-68BB8B2E8D93}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B01766A0-3C34-4468-86B8-A5F1A49D61F1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57810AB9-F039-4D79-978E-4225EEF35B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{57AC1D7B-EB81-470D-9B69-1BA818DFCE3F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A4AEEBD3-4B3F-40FF-9291-A140450EF979}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AC30DE5E-B89C-4F1B-8536-917F96A3BA1D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6AC0E9DA-6880-418D-B037-06766179F766}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{7076C5B4-4EBD-49D5-ADF9-8B0D006EB1D9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{BA956F8F-0F22-418D-847C-87B637669C74}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

08-02-2019 10:22:49 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/12/2019 03:02:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/11/2019 09:34:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/11/2019 08:26:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/11/2019 07:07:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/11/2019 05:22:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/11/2019 04:40:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/11/2019 09:08:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/10/2019 05:52:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/11/2019 10:16:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/11/2019 09:34:34 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 021119-13072-01

Error: (02/11/2019 09:34:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:33:34, ‎11.‎2.‎2019) bylo neočekávané.

Error: (02/11/2019 08:25:44 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 021119-12979-01

Error: (02/11/2019 08:25:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:24:24, ‎11.‎2.‎2019) bylo neočekávané.

Error: (02/11/2019 08:25:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (02/11/2019 07:07:23 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (02/11/2019 05:27:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: AMD A10-7700K APU with Radeon(TM) R7 Graphics
Percentage of memory in use: 50%
Total physical RAM: 8132.68 MB
Available physical RAM: 4051.93 MB
Total Virtual: 16263.49 MB
Available Virtual: 10850.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:32.85 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:125.27 GB) NTFS
Drive e: () (Fixed) (Total:488.28 GB) (Free:403.25 GB) NTFS
Drive f: () (Fixed) (Total:337.5 GB) (Free:273.05 GB) NTFS

\\?\Volume{a54588c7-fd53-11e7-92d4-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 30E330E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=337.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 4B4E14DD)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Post subject: Re: blue windows
Posted: 12 Feb 2019 15:57
Advisor

Registered: 27 Apr 2008 10:34
Posts: 1678
Download the AdwCleaner tool to your desktop; download link here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click Zobrazit soubor protokolu (View Log File).
The log will open; copy its contents here.

Post subject: Re: blue windows
Posted: 12 Feb 2019 23:02
Visitor

Registered: 19 Jan 2018 22:31
Posts: 18
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-07.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-12-2019
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 19
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Atari\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Atari\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Atari\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2731 octets] - [12/02/2019 22:55:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Post subject: Re: blue windows
Posted: 13 Feb 2019 03:12
Advisor

Registered: 27 Apr 2008 10:34
Posts: 1678
Scan the computer with FRST - instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, then copy FRST.log + the Addition log here.

Post subject: Re: blue windows
Posted: 13 Feb 2019 20:30
Visitor

Registered: 19 Jan 2018 22:31
Posts: 18
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.02.2019
Ran by Atari (administrator) on ATARI-PC (13-02-2019 20:28:12)
Running from F:\stažené
Loaded Profiles: Atari (Available Profiles: Atari)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\DELL\Dell Laser Printer 1110\LocalSM\jbDetect.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dell Laser Printer 1110 SM_JB] => C:\Program Files (x86)\DELL\Dell Laser Printer 1110\LocalSM\jbDetect.exe [222448 2009-08-21] (Dell Inc. -> )
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {4275f2f7-08bc-11e8-a5ef-e03f4986cf50} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {a54588ce-fd53-11e7-92d4-806e6f6e6963} - G:\Bin\ASSETUP.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {d3c562d4-fd57-11e7-a57b-806e6f6e6963} - G:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-27] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{218B770E-D2F9-4ADE-80CE-05FB52A2B68F}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {1FB0EA19-0358-4CA8-9DA0-975EA9C0EF68} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {259C1EA4-1866-415B-81CC-B4665A424B59} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {2D653AF0-AC66-408A-9A8D-353E7234B3F1} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {322203C9-31C6-4459-A147-96FD73BD58F3} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {6A80711B-02DB-4C13-A2A3-A6F4F18C983C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {BC2871AA-A465-4E7A-9513-568359BEA0E1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {CAF9507C-76C4-4FE1-A242-DA68414011E7} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {D67844AF-C1E4-4296-BC12-5FA248FC122C} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000 -> {E2E52D39-875F-4FEB-B5E9-A4A22EB2FF31} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 2h739zmo.default
FF ProfilePath: C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default [2019-02-13]
FF Homepage: Mozilla\Firefox\Profiles\2h739zmo.default -> seznam.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\2h739zmo.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast Passwords) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-12]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-11-25]
FF Extension: (Avast SafePrice) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\sp@avast.com.xpi [2018-06-21]
FF Extension: (Avast Online Security) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\wrc@avast.com.xpi [2019-01-30]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Atari\AppData\Roaming\Mozilla\Firefox\Profiles\2h739zmo.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> "active": true,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"

CHR Profile: C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default [2019-02-12]
CHR Extension: (Norton Security Toolbar) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2018-09-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-30]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-30]
CHR Extension: (Avast Online Security) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-30]
CHR Extension: (Chrome Media Router) - C:\Users\Atari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-30]
CHR HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499080 2019-02-01] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-02-01] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [367728 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [106816 2013-05-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52799368 2019-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581000 2019-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237416 2018-12-29] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [82240 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [42304 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\Performance Profile Client\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-19] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [512048 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-29] (Martin Malik - REALiX -> REALiX(tm))
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-12 22:55 - 2019-02-12 23:00 - 000000000 ____D C:\AdwCleaner
2019-02-12 22:33 - 2019-02-12 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2019-02-12 22:32 - 2019-02-12 22:32 - 000000000 ____D C:\Users\Atari\AppData\Local\Downloaded Installations
2019-02-12 19:50 - 2019-02-12 22:53 - 000003146 _____ C:\Windows\System32\Tasks\StartCN
2019-02-12 19:50 - 2019-02-12 22:53 - 000003060 _____ C:\Windows\System32\Tasks\StartDVR
2019-02-12 19:50 - 2019-02-12 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-02-12 19:50 - 2019-02-12 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\##ID_STRING16##
2019-02-12 19:21 - 2019-02-12 19:22 - 026470000 _____ (AMD Inc.) C:\Users\Atari\Downloads\radeon-software-adrenalin-2019-19.2.1-minimalsetup-190204_64bit.exe
2019-02-12 15:22 - 2019-02-13 20:25 - 000000000 ____D C:\FRST
2019-02-11 17:22 - 2019-02-12 23:03 - 000000000 ____D C:\Windows\Minidump
2019-02-06 09:52 - 2019-02-06 09:52 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-03 16:48 - 2019-02-13 20:19 - 000003102 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-02-03 16:48 - 2019-02-12 22:53 - 000003290 _____ C:\Windows\System32\Tasks\StartCNBM
2019-02-03 16:48 - 2019-02-12 22:53 - 000003116 _____ C:\Windows\System32\Tasks\ModifyLinkUpdate
2019-02-03 16:23 - 2019-02-03 16:23 - 026485000 _____ (AMD Inc.) C:\Users\Atari\Downloads\radeon-software-adrenalin-2019-19.1.2-minimalsetup-190124_64bit.exe
2019-02-01 23:32 - 2019-02-01 23:32 - 003726216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-02-01 23:32 - 2019-02-01 23:32 - 003354504 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-02-01 23:31 - 2019-02-01 23:31 - 021582216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-02-01 23:31 - 2019-02-01 23:31 - 018370440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-02-01 23:31 - 2019-02-01 23:31 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-02-01 23:31 - 2019-02-01 23:31 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-02-01 23:24 - 2019-02-01 23:24 - 000331656 _____ C:\Windows\system32\clinfo.exe
2019-02-01 23:24 - 2019-02-01 23:24 - 000168328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-02-01 23:24 - 2019-02-01 23:24 - 000144776 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-02-01 23:23 - 2019-02-01 23:23 - 056423816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2019-02-01 23:23 - 2019-02-01 23:23 - 026476936 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2019-02-01 23:23 - 2019-02-01 23:23 - 021245832 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2019-02-01 23:22 - 2019-02-01 23:22 - 046296456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 012252560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000178872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000156440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000156200 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000134280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000123240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000117072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000117072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000108296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000096424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-02-01 23:18 - 2019-02-01 23:18 - 000096424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-02-01 23:17 - 2019-02-01 23:17 - 052799368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2019-02-01 23:17 - 2019-02-01 23:17 - 017201544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2019-02-01 23:17 - 2019-02-01 23:17 - 000149384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-02-01 23:17 - 2019-02-01 23:17 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-02-01 23:17 - 2019-02-01 23:17 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2019-02-01 23:16 - 2019-02-01 23:16 - 014903688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2019-02-01 23:16 - 2019-02-01 23:16 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2019-02-01 23:16 - 2019-02-01 23:16 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2019-02-01 23:13 - 2019-02-01 23:13 - 032467848 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2019-02-01 23:13 - 2019-02-01 23:13 - 014220848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2019-02-01 23:13 - 2019-02-01 23:13 - 001572920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 015761288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000561544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000472456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2019-02-01 23:12 - 2019-02-01 23:12 - 000174472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000153480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000142728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000128392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2019-02-01 23:12 - 2019-02-01 23:12 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-02-01 23:12 - 2019-02-01 23:12 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-02-01 23:11 - 2019-02-01 23:11 - 013332360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2019-02-01 23:11 - 2019-02-01 23:11 - 000913288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-02-01 23:11 - 2019-02-01 23:11 - 000743304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-02-01 23:06 - 2019-02-01 23:06 - 011063352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2019-02-01 23:06 - 2019-02-01 23:06 - 000172656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2019-02-01 23:06 - 2019-02-01 23:06 - 000155176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2019-02-01 23:06 - 2019-02-01 23:06 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2019-02-01 23:06 - 2019-02-01 23:06 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000581000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2019-02-01 23:05 - 2019-02-01 23:05 - 000499080 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2019-02-01 23:05 - 2019-02-01 23:05 - 000493448 _____ (AMD) C:\Windows\system32\atitmm64.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000483208 _____ C:\Windows\system32\dgtrayicon.exe
2019-02-01 23:05 - 2019-02-01 23:05 - 000470920 _____ C:\Windows\system32\GameManager64.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000373128 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000202120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2019-02-01 23:05 - 2019-02-01 23:05 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-02-01 23:04 - 2019-02-01 23:04 - 001201544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-02-01 23:04 - 2019-02-01 23:04 - 001201544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2019-02-01 23:04 - 2019-02-01 23:04 - 000748424 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-02-01 23:04 - 2019-02-01 23:04 - 000464776 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-02-01 23:04 - 2019-02-01 23:04 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-02-01 23:04 - 2019-02-01 23:04 - 000430472 _____ C:\Windows\system32\atieah64.exe
2019-02-01 23:04 - 2019-02-01 23:04 - 000343944 _____ C:\Windows\SysWOW64\atieah32.exe
2019-02-01 23:03 - 2019-02-01 23:03 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-02-01 23:03 - 2019-02-01 23:03 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-02-01 23:03 - 2019-02-01 23:03 - 000373128 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-02-01 23:03 - 2019-02-01 23:03 - 000223624 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2019-02-01 22:53 - 2019-02-01 22:53 - 000906872 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-02-01 22:53 - 2019-02-01 22:53 - 000906872 _____ C:\Windows\system32\atiapfxx.blb
2019-02-01 17:16 - 2019-02-01 17:16 - 000173432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2019-02-01 17:16 - 2019-02-01 17:16 - 000145104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2019-01-24 21:48 - 2019-01-24 21:48 - 000234032 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2019-01-24 21:46 - 2019-01-24 21:46 - 000324672 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2019-01-24 21:43 - 2019-01-24 21:43 - 000267472 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2019-01-23 01:59 - 2019-02-01 23:32 - 001578376 _____ (AMD) C:\Windows\system32\coinst_18.50.dll
2019-01-23 01:59 - 2019-01-23 01:59 - 001578376 _____ (AMD) C:\Windows\system32\SETCF4.tmp
2019-01-23 01:03 - 2019-01-23 01:03 - 000277920 _____ C:\Windows\system32\ativvaxy_stn_nd.dat
2019-01-23 00:58 - 2019-01-23 00:58 - 000272288 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2019-01-22 23:06 - 2019-01-22 23:06 - 000379744 _____ C:\Windows\system32\ativvaxy_vg20_nd.dat
2019-01-22 23:04 - 2019-01-22 23:04 - 000377024 _____ C:\Windows\system32\ativvaxy_gl_nd.dat
2019-01-22 23:03 - 2019-01-22 23:03 - 000374560 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2019-01-22 23:03 - 2019-01-22 23:03 - 000348832 _____ C:\Windows\system32\ativvaxy_rv.dat
2019-01-15 19:21 - 2019-01-15 19:21 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-14 10:42 - 2019-01-14 10:42 - 001056020 _____ C:\Windows\system32\amdicdxx.dat

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-13 20:27 - 2018-05-15 10:21 - 000000000 ____D C:\Users\Atari\AppData\Local\CrashDumps
2019-02-13 20:24 - 2011-04-12 09:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-02-13 20:24 - 2011-04-12 09:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-02-13 20:24 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-13 20:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-13 20:21 - 2018-02-03 09:33 - 000000000 ____D C:\Users\Atari\AppData\LocalLow\Mozilla
2019-02-13 20:21 - 2018-01-21 18:18 - 000000000 ____D C:\Users\Atari\AppData\Local\AVAST Software
2019-02-13 20:19 - 2018-02-17 18:45 - 000000200 _____ C:\Windows\Tasks\AutoKMS.job
2019-02-13 20:19 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-12 23:12 - 2018-09-30 07:48 - 000000000 ____D C:\Program Files (x86)\AMD
2019-02-12 23:12 - 2018-01-19 22:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-12 23:09 - 2009-07-14 05:45 - 000022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-12 23:09 - 2009-07-14 05:45 - 000022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-12 23:00 - 2018-12-18 11:09 - 000000000 ____D C:\Users\Atari\AppData\Roaming\IObit
2019-02-12 23:00 - 2018-12-18 11:09 - 000000000 ____D C:\Users\Atari\AppData\LocalLow\IObit
2019-02-12 23:00 - 2018-12-18 11:09 - 000000000 ____D C:\ProgramData\IObit
2019-02-12 22:53 - 2018-12-18 11:09 - 000003168 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2019-02-12 22:53 - 2018-10-02 16:00 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-12 22:53 - 2018-10-02 11:20 - 000003550 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Atari-PC-Atari
2019-02-12 22:53 - 2018-06-19 21:26 - 000003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Atari-PC-Atari
2019-02-12 22:53 - 2018-02-17 13:28 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-02-12 22:53 - 2018-01-27 13:42 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-12 22:53 - 2018-01-20 19:57 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-12 22:53 - 2018-01-20 19:57 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-12 22:53 - 2018-01-19 21:26 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-12 22:53 - 2018-01-19 21:26 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-12 22:07 - 2018-01-19 22:20 - 000109752 _____ C:\Users\Atari\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-12 19:56 - 2018-01-19 22:09 - 000000000 ____D C:\Users\Atari\AppData\Local\AMD
2019-02-12 19:52 - 2009-07-14 05:45 - 000409696 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-12 19:51 - 2018-01-19 21:51 - 000000000 ____D C:\Program Files\AMD
2019-02-12 19:48 - 2018-01-19 22:04 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-02-12 19:23 - 2018-06-28 11:19 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2019-02-12 19:22 - 2018-01-19 21:50 - 000000000 ____D C:\AMD
2019-02-12 15:27 - 2018-01-19 22:11 - 000000000 ___RD C:\Users\Atari\Desktop\koš
2019-02-12 15:27 - 2015-09-13 18:11 - 000000000 ___RD C:\Users\Atari\Desktop\Alda
2019-02-12 15:13 - 2018-01-27 12:58 - 000000000 ____D C:\Users\Atari\AppData\Local\Adobe
2019-02-12 15:12 - 2018-10-02 16:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-12 15:12 - 2018-10-02 16:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-12 15:12 - 2018-10-02 16:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-12 15:12 - 2018-10-02 16:00 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-11 20:27 - 2018-12-18 11:09 - 000000000 ____D C:\Program Files (x86)\IObit
2019-02-06 21:26 - 2018-01-28 18:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 21:26 - 2018-01-19 21:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 09:50 - 2018-01-20 19:57 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 09:33 - 2018-12-18 11:09 - 000000000 ____D C:\ProgramData\ProductData
2019-02-03 16:45 - 2018-07-17 09:10 - 000000000 ____D C:\Users\Atari\AppData\LocalLow\AMD
2019-02-01 23:18 - 2018-11-08 00:46 - 012887552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2019-02-01 23:13 - 2017-11-28 02:05 - 017047168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2019-02-01 23:13 - 2017-11-28 02:05 - 001932968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-02-01 23:13 - 2017-11-28 02:01 - 039767432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2019-02-01 23:06 - 2018-11-08 00:30 - 013733664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2019-02-01 23:06 - 2018-11-08 00:30 - 000190696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2019-02-01 23:06 - 2017-11-28 02:05 - 000206664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2019-02-01 23:05 - 2017-11-28 02:04 - 000230792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-02-01 23:05 - 2017-11-28 02:04 - 000159624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2019-02-01 23:04 - 2017-11-28 02:03 - 001653128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-01-23 01:56 - 2017-11-28 02:01 - 039765896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETCE89.tmp
2019-01-23 01:51 - 2018-11-08 00:46 - 012883432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETC96C.tmp
2019-01-23 01:45 - 2017-11-28 02:05 - 016992560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETD911.tmp
2019-01-23 01:44 - 2017-11-28 02:05 - 001932456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETEDB7.tmp
2019-01-23 01:32 - 2018-11-08 00:30 - 013733664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETC842.tmp
2019-01-23 01:32 - 2018-11-08 00:30 - 000190696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETED43.tmp
2019-01-23 01:32 - 2017-11-28 02:05 - 000206664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETED55.tmp
2019-01-23 01:31 - 2017-11-28 02:04 - 000230792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETED66.tmp
2019-01-23 01:31 - 2017-11-28 02:04 - 000159624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETA38.tmp
2019-01-23 01:31 - 2017-11-28 02:03 - 001653128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETCA0D.tmp
2019-01-19 10:09 - 2018-01-21 18:07 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

==================== Files in the root of some directories =======

2018-03-03 11:43 - 2018-10-09 17:43 - 000005632 _____ () C:\Users\Atari\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-03 12:48 - 2018-10-03 12:48 - 000000000 _____ () C:\Users\Atari\AppData\Local\oobelibMkey.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-04 10:20

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019
Ran by Atari (13-02-2019 20:28:49)
Running from F:\stažené
Windows 7 Professional Service Pack 1 (X64) (2018-01-19 20:19:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4066017516-2149753528-1773050109-500 - Administrator - Disabled)
Atari (S-1-5-21-4066017516-2149753528-1773050109-1000 - Administrator - Enabled) => C:\Users\Atari
Guest (S-1-5-21-4066017516-2149753528-1773050109-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.1 - Advanced Micro Devices, Inc.)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
ConverterLite 1.6.11.0 (HKLM-x32\...\ConverterLite) (Version: 1.6.11.0 - ConverterLite)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)
Mp3 Knife 3.4 (HKLM-x32\...\Mp3 Knife_is1) (Version: - Vicky's Cool Softwares)
Odinstalace softwaru k Dell Laser Printer 1110 (HKLM-x32\...\Dell Laser Printer 1110) (Version: - DELL Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype verze 8.31 (HKLM-x32\...\Skype_is1) (Version: 8.31 - Skype Technologies S.A.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4066017516-2149753528-1773050109-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14548CE6-71F1-4A0E-851C-D61EF1456B30} - \AutoKMS -> No File <==== ATTENTION
Task: {1867AE6E-D17F-40E6-A90A-436A5DE1282C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {286B3788-5B7D-4B30-A5B6-5E79D85277D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {290D9177-592D-4F41-8B52-D9160A6CC6EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {37B2D0E1-7E0F-49BB-9D29-790A1480F9C8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {439F1423-813F-4DA0-AC34-25F5141274E7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {478059A3-0D19-436E-91CF-271114A1E631} - System32\Tasks\AdobeGCInvoker-1.0-Atari-PC-Atari => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {58F2C2A4-55BC-419F-B663-F197AB6F96F9} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: {5DE82C14-2BA6-4CF8-A283-DED553377478} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {62455753-6879-45BB-A37D-2A2BC85CF0BA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {787225A0-3474-4BAE-AA57-9384B65BC0FB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {7F939DDA-2EBA-476A-9808-F6C85E6C634D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A71C0D00-FD69-43AF-9C9D-069973ED02F7} - System32\Tasks\AdobeAAMUpdater-1.0-Atari-PC-Atari => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C0ED64C9-FE8C-4489-A545-90E38B16AB14} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C363A9FF-A61C-429C-97EE-D7FE8D2B9F73} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {EB85289F-7DFF-4527-B82D-CCE887822430} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE22576F-FBA6-48E6-9959-AB769A48F21F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-01-06 09:00 - 2019-01-06 09:00 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-12 19:19 - 2019-02-12 19:19 - 006865040 _____ () C:\Program Files\AVAST Software\Avast\defs\19021204\algo64.dll
2019-01-06 09:00 - 2019-01-06 09:00 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-06 09:00 - 2019-01-06 09:00 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-06 09:00 - 2019-01-06 09:00 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-02-13 20:21 - 2019-02-13 20:21 - 006877328 _____ () C:\Program Files\AVAST Software\Avast\defs\19021304\algo64.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2019-01-06 09:01 - 2019-01-06 09:01 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-02-04 09:31 - 2009-08-21 13:36 - 000222448 ____R () C:\Program Files (x86)\DELL\Dell Laser Printer 1110\LocalSM\jbDetect.exe
2018-11-28 17:11 - 2018-11-28 17:11 - 000093136 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-14 12:34 - 2018-11-14 12:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-11-14 12:34 - 2018-11-14 12:34 - 002551808 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-02-01 16:58 - 2019-02-01 16:58 - 000256512 _____ () C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () C:\Program Files\AMD\Performance Profile Client\Platform.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () C:\Program Files\AMD\Performance Profile Client\Device.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-06 08:58 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Atari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AF4C46CE-D313-45D4-BB51-B06DF10F6F30}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B48FFAE1-E6B2-47CF-93F2-B0C02F4C3788}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C45F0532-589C-4160-9B10-E694F176565B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C92ABE34-0F20-4057-BB09-487BECF54C33}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{68558E0E-D76B-441A-8805-0A4A4888CD1C}] => (Allow) E:\Hry\Gta5\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9CD6981B-5ADD-4EA6-BE7E-DDEA34AE076F}] => (Allow) E:\Hry\Gta5\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{ADB596E3-F857-475B-B4CB-68BB8B2E8D93}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B01766A0-3C34-4468-86B8-A5F1A49D61F1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57810AB9-F039-4D79-978E-4225EEF35B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{57AC1D7B-EB81-470D-9B69-1BA818DFCE3F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A4AEEBD3-4B3F-40FF-9291-A140450EF979}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AC30DE5E-B89C-4F1B-8536-917F96A3BA1D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6AC0E9DA-6880-418D-B037-06766179F766}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{7076C5B4-4EBD-49D5-ADF9-8B0D006EB1D9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{BA956F8F-0F22-418D-847C-87B637669C74}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

08-02-2019 10:22:49 Naplánovaný kontrolní bod
12-02-2019 19:24:03 Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429
12-02-2019 19:49:09 Instalace balíčku ovladače zařízení: Advanced Micro Devices, Inc. Grafické adaptéry
12-02-2019 22:33:19 Installed AMD OverDrive.
12-02-2019 22:39:00 Removed AMD OverDrive.
12-02-2019 23:11:30 Removed AMD OverDrive.

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2019 08:26:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRST64.exe, verze: 13.2.2019.1, časové razítko: 0x5c646538
Název chybujícího modulu: FRST64.exe, verze: 13.2.2019.1, časové razítko: 0x5c646538
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000026905
ID chybujícího procesu: 0xef0
Čas spuštění chybující aplikace: 0x01d4c3d1e173598f
Cesta k chybující aplikaci: F:\stažené\FRST64.exe
Cesta k chybujícímu modulu: F:\stažené\FRST64.exe
ID zprávy: 4c1147df-2fc5-11e9-b2f4-e03f4986cf50

Error: (02/13/2019 08:20:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/13/2019 08:12:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/12/2019 11:01:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/12/2019 10:38:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/12/2019 10:34:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/12/2019 10:02:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/12/2019 09:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/13/2019 08:19:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/13/2019 08:19:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:12:02, ‎13.‎2.‎2019) bylo neočekávané.

Error: (02/13/2019 08:12:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2019 11:12:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/12/2019 11:00:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/12/2019 11:00:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/12/2019 11:00:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/12/2019 11:00:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: AMD A10-7700K APU with Radeon(TM) R7 Graphics
Percentage of memory in use: 51%
Total physical RAM: 8132.68 MB
Available physical RAM: 3969.44 MB
Total Virtual: 16263.49 MB
Available Virtual: 11030.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:29.19 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:125.27 GB) NTFS
Drive e: () (Fixed) (Total:488.28 GB) (Free:403.25 GB) NTFS
Drive f: () (Fixed) (Total:337.5 GB) (Free:273.04 GB) NTFS

\\?\Volume{a54588c7-fd53-11e7-92d4-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 30E330E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=337.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 4B4E14DD)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Post subject: Re: blue windows
Posted: 14 Feb 2019 05:03
Advisor

Joined: 27 Apr 2008 10:34
Posts: 1678
Copy the content below into Notepad:

Code:
CloseProcesses:
CreateRestorePoint:

C:\Windows\AutoKMS.exe

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {4275f2f7-08bc-11e8-a5ef-e03f4986cf50} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {a54588ce-fd53-11e7-92d4-806e6f6e6963} - G:\Bin\ASSETUP.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {d3c562d4-fd57-11e7-a57b-806e6f6e6963} - G:\Setup.exe
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
2019-02-12 23:12 - 2018-01-19 22:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-12 23:00 - 2018-12-18 11:09 - 000000000 ____D C:\ProgramData\IObit
2019-02-12 22:53 - 2018-01-19 21:26 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-12 22:53 - 2018-01-19 21:26 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-11 20:27 - 2018-12-18 11:09 - 000000000 ____D C:\Program Files (x86)\IObit
Task: {14548CE6-71F1-4A0E-851C-D61EF1456B30} - \AutoKMS -> No File <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe



Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.



Post subject: Re: blue windows
Posted: 14 Feb 2019 20:20
Visitor

Joined: 19 Jan 2018 22:31
Posts: 18
Fix result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019
Ran by Atari (14-02-2019 20:15:50) Run:1
Running from F:\stažené\FRST-OlderVersion
Loaded Profiles: Atari (Available Profiles: Atari)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Windows\AutoKMS.exe

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {4275f2f7-08bc-11e8-a5ef-e03f4986cf50} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {a54588ce-fd53-11e7-92d4-806e6f6e6963} - G:\Bin\ASSETUP.exe
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\...\MountPoints2: {d3c562d4-fd57-11e7-a57b-806e6f6e6963} - G:\Setup.exe
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
2019-02-12 23:12 - 2018-01-19 22:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-12 23:00 - 2018-12-18 11:09 - 000000000 ____D C:\ProgramData\IObit
2019-02-12 22:53 - 2018-01-19 21:26 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-12 22:53 - 2018-01-19 21:26 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-11 20:27 - 2018-12-18 11:09 - 000000000 ____D C:\Program Files (x86)\IObit
Task: {14548CE6-71F1-4A0E-851C-D61EF1456B30} - \AutoKMS -> No File <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe

*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Windows\AutoKMS.exe" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4275f2f7-08bc-11e8-a5ef-e03f4986cf50} => removed successfully
HKLM\Software\Classes\CLSID\{4275f2f7-08bc-11e8-a5ef-e03f4986cf50} => not found
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a54588ce-fd53-11e7-92d4-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{a54588ce-fd53-11e7-92d4-806e6f6e6963} => not found
HKU\S-1-5-21-4066017516-2149753528-1773050109-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3c562d4-fd57-11e7-a57b-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{d3c562d4-fd57-11e7-a57b-806e6f6e6963} => not found
HKLM\System\CurrentControlSet\Services\AODService => removed successfully
AODService => service removed successfully
HKLM\System\CurrentControlSet\Services\AscFileFilter => removed successfully
AscFileFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\AscRegistryFilter => removed successfully
AscRegistryFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully
cpuz143 => service removed successfully
C:\Windows\system32\spu_storage.bin => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Program Files (x86)\IObit => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{14548CE6-71F1-4A0E-851C-D61EF1456B30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14548CE6-71F1-4A0E-851C-D61EF1456B30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully


The system needed a reboot.

==== End of Fixlog 20:16:09 ====


Post subject: Re: blue windows
Posted: 14 Feb 2019 20:25
Advisor

Joined: 27 Apr 2008 10:34
Posts: 1678
Turn off automatic restarts following the guide below. Follow the instructions labelled OPTION ONE and UNcheck the Automatically Restart box from the image: https://www.tenforums.com/attachments/t ... 8b69f0b8a7
https://www.tenforums.com/tutorials/690 ... -10-a.html

How is the computer doing?



Post subject: Re: blue windows
Posted: 14 Feb 2019 23:48
Visitor

Joined: 19 Jan 2018 22:31
Posts: 18
The PC is doing as follows: today I played GTA 5 at full resolution and after 3 hours the same error appeared again (the PC crashed to the blue windows). I tried starting the game again and the PC crashed after 5 minutes of play. I don't know whether the load has an effect on it or whether it is a different fault. I will still try turning off the restart. While looking for a solution to my problem, I came across this program: please be careful, do not download - avast reported a threat to me during the download - it is not a completely 100% source

(https://errorkit.com/errors-directory/i ... BAQAvD_BwE)

What do you think about it, please?


Post subject: Re: blue windows
Posted: 15 Feb 2019 00:07
Visitor

Joined: 19 Jan 2018 22:31
Posts: 18
I disabled the restart (Win 7 Professional) following this guide:

https://wintip.cz/400-jak-zakazat-autom ... ci-windows


Post subject: Re: blue windows
Posted: 15 Feb 2019 05:00
Advisor

Joined: 27 Apr 2008 10:34
Posts: 1678
Quote:
so I came across this program: please be careful, do not download - avast reported a threat to me during the download - it is not a completely 100% source

(https://errorkit.com/errors-directory/i ... BAQAvD_BwE)

What do you think about it, please?


That URL is fine; when downloading, turn off



Post subject: Re: blue windows
Posted: 15 Feb 2019 09:26
Visitor

Joined: 19 Jan 2018 22:31
Posts: 18
I cannot install this program, see the photo (https://uloz.to/!GMwZgnzOJtmt/bez-nazvu-jpg). It gets stuck at 99% and the installation does not finish. I also turned off avast, but none of that helped.

Do you know of any similar program, please? It seems to me that this could help me.


Post subject: Re: blue windows
Posted: 15 Feb 2019 09:56
Advisor

Joined: 27 Apr 2008 10:34
Posts: 1678
So it shuts down only with that game?
