Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

PC mojej priatelky

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
Sudoku33
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 24 bře 2019 20:36
Bydliště: Slovensko

PC mojej priatelky

#1 Příspěvek od Sudoku33 »

Dobry vecer, moja priatelka ma mensi problem s PC (ktorý dostala od otca, preto má mužské meno PC :lol: ). Pozerava online filmy, avšak včera, dnes sa jej začali ihneď ako otvorí Google Chrome objavovať vpravo dole reklamy a iné sračky :D :(

Ihneď ako som to uvidel som PC Prešiel Antivírusom (Avast), Malwarebytes a AdWare Cleaner ale žiadny z nich nič nenašiel. Avšak reklamy prestali. Ale posielam logy pre istotu že by sa zas vrátili alebo tam niekde sa nachádzal vo Windowse vírus. Logy nižšie :oops:
Naposledy upravil(a) Sudoku33 dne 06 čer 2019 20:04, celkem upraveno 1 x.
PC: Intel Core i5-11600k (3,9GHz)
16GB DDR4 Ram
120GB SSD Kingston + 1TB WD Blue
MSI GeForce RTX 2060 VENTUS 12G OC
Windows 10 Pro

Som jednoduchý človek ktorý má rád techniku a prírodu :)

Uživatelský avatar
Sudoku33
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 24 bře 2019 20:36
Bydliště: Slovensko

Re: PC mojej priatelky

#2 Příspěvek od Sudoku33 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2019
Ran by Richard (administrator) on GALLAS (Hewlett-Packard HP 15 Notebook PC) (06-06-2019 20:54:05)
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard & (Available Profiles: Richard & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7535832 2014-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [10600336 2019-03-18] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [eIDCertPropagator] => C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe [533504 2019-01-17] () [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\Run: [AvastBrowserAutoLaunch_FEC1B1EBE9D1F5B302899B220563DBD4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64"
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\19.043.0304.0007"
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\...\Run: [WindowsWelcomeCenter] => C:\WINDOWS\system32\oobefldr.dll [630784 2014-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-31] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-03-15]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine.lnk [2019-03-15]
ShortcutTarget: Avast SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-29]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0955BD0D-3644-4BD6-B602-04CB9958EB6F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {29D13C42-15FF-4A96-A1B6-959F59956877} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {2B907BCD-542C-4D28-91A3-521FB2FECCBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {394D1DBC-A520-45F5-928B-83CA7ECD2F19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {4CF4DEE6-D976-4A5F-A34A-AAEA47BD1AC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {4DA5BAF9-2D9F-47B8-8C75-02EBCA532C85} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {76A60A7F-71C6-4BE2-8B60-52DBE0430404} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {836FD934-48D2-4BB1-BB55-40A53DE56CBB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Task: {9C37F18C-D5A0-4154-84A5-C46B33EDFC80} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {B2136804-334A-4A32-B737-A35D121E9AF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBA14721-7986-42DF-8383-980F4A4077F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE472F04-ED83-4320-AF15-C8A6AB9784E6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {BEBD267A-5DD9-45DA-A009-3EE10975047F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CA68711C-8005-4407-8EF4-F38F28EFFB1D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {D3A3DE02-3E8C-4FA8-96BC-C9044F817374} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {DC1E8BBE-CACA-4773-B5E1-B456B6D1807D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {DCC9B246-5ECC-4852-876C-B2BC9EF5B69F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {E1D14C60-9865-4379-9710-EA248E288927} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E78EEBDB-7E94-4256-B73D-ADDE9BB45902} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E96CFD85-3DF8-4FDD-A34F-DE24A0FC7C03} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {ED218458-A557-47FE-AAB0-D40FB8BACEC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {FFAE4807-7565-4B83-94A2-85F111C362DD} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1398208 2019-05-24] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{39487A7D-9E4F-40BE-A565-0D457B9D8633}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E58A1CCD-A04A-4804-A96D-CEA4CBE43774}: [DhcpNameServer] 172.16.0.1
HKLM\System\...\Parameters\PersistentRoutes: [100.100.0.10,255.255.255.255,0.0.0.0,1]

Internet Explorer:
==================
SearchScopes: HKLM -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218 -> {D451AF2A-C3FF-4A85-8AE5-234189038854} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2019-01-14] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2019-01-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2019-01-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2019-01-15] (DITEC, a.s. -> Ditec,a.s.)

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2019-06-06]
CHR Extension: (Prezentácie) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Dokumenty) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Disk Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-20]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-20]
CHR Extension: (Tabuľky) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (AdBlock) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-20]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2019-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-17] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [240128 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10267576 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [3500552 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6688232 2019-03-28] (AVAST Software s.r.o. -> AVAST Software)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [87832 2018-07-18] (SafeNet, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [69640 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [323600 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [13939712 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [628224 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-06-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-06-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-31] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1971208 2018-07-18] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S2 Haspnt; C:\WINDOWS\SysWOW64\drivers\Haspnt.sys [132608 2007-05-22] () [File not signed]
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-13] (Malwarebytes Corporation -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [237400 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2014-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\WINDOWS\files\bin\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-06 20:54 - 2019-06-06 20:55 - 000039486 _____ C:\Users\Richard\Desktop\FRST.txt
2019-06-06 20:53 - 2019-06-06 20:53 - 000000000 ____D C:\Users\Richard\Desktop\FRST-OlderVersion
2019-06-06 20:50 - 2019-06-06 20:50 - 007025360 _____ (Malwarebytes) C:\Users\Richard\Downloads\adwcleaner_7.3.exe
2019-06-03 13:36 - 2019-06-03 13:36 - 000235075 _____ C:\Users\Richard\Downloads\SAM1_OKRUH_OTAZOK_NA_SKUSKU.pdf
2019-06-02 20:26 - 2019-06-02 20:26 - 000002026 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-06-02 20:24 - 2019-06-02 20:23 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-06-02 20:24 - 2019-06-02 20:23 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-06-02 20:24 - 2019-05-21 20:54 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-28 15:54 - 2019-05-28 15:54 - 003338786 _____ C:\Users\Richard\Downloads\SAM_Skúška.pdf
2019-05-28 15:54 - 2019-05-28 15:54 - 002080185 _____ C:\Users\Richard\Downloads\Geodézia_2_Ústna-skúška.pdf
2019-05-26 13:57 - 2019-05-26 13:57 - 000770317 _____ C:\Users\Richard\Downloads\TESTY-Geodézia.pdf
2019-05-26 11:17 - 2019-05-26 11:17 - 020017719 _____ C:\Users\Richard\Downloads\všetko-v-kope.pdf
2019-05-23 11:12 - 2019-05-23 11:12 - 003011295 _____ C:\Users\Richard\Downloads\GEODEZIA_2_8_prednáška_8.pptx
2019-05-23 11:12 - 2019-05-23 11:12 - 000928768 _____ C:\Users\Richard\Downloads\GEODEZIA_2_9_prednáška_9.ppt
2019-05-19 16:39 - 2019-05-19 16:39 - 004941096 _____ C:\Users\Richard\Downloads\190516 (1).zip
2019-05-19 16:39 - 2019-05-19 16:39 - 004768202 _____ C:\Users\Richard\Downloads\190520 (1).zip
2019-05-19 16:19 - 2019-05-19 16:19 - 000179685 _____ C:\Users\Richard\Downloads\Pracovne_listy_15_16 (1).pdf
2019-05-19 11:28 - 2019-05-19 11:28 - 000101743 _____ C:\Users\Richard\Downloads\Pracovne_listy_19_22_2019 (3).ppsx
2019-05-19 11:27 - 2019-05-19 11:27 - 000101743 _____ C:\Users\Richard\Downloads\Pracovne_listy_19_22_2019 (2).ppsx
2019-05-18 23:06 - 2019-05-18 23:06 - 002505227 _____ C:\Users\Richard\Downloads\cylindricka_priklady_2019 (1).ppsx
2019-05-18 23:05 - 2019-05-18 23:05 - 002505227 _____ C:\Users\Richard\Downloads\cylindricka_priklady_2019.ppsx
2019-05-18 20:58 - 2019-05-18 20:59 - 086363912 _____ (OCAD AG) C:\Users\Richard\Downloads\OCAD_2019_TRIAL_Setup (1).exe
2019-05-18 16:58 - 2019-05-18 16:58 - 000409944 _____ C:\Users\Richard\Downloads\Linearna_sikma_stud_2019 (1).ppsx
2019-05-18 16:58 - 2019-05-18 16:58 - 000074778 _____ C:\Users\Richard\Downloads\Pracovne_listy_3_4_2019 (1).pptx
2019-05-18 16:50 - 2019-05-18 16:58 - 000111410 _____ C:\Users\Richard\Downloads\Pracovne_listy_3_4_2019.pptx
2019-05-18 15:44 - 2019-06-05 20:41 - 000000000 ____D C:\Users\Richard\Desktop\2. semester
2019-05-18 11:18 - 2019-05-18 11:18 - 000086718 _____ C:\Users\Richard\Downloads\SkuskovaPisomka.pdf
2019-05-18 10:53 - 2019-05-18 10:54 - 004768202 _____ C:\Users\Richard\Downloads\190520.zip
2019-05-18 10:53 - 2019-05-18 10:53 - 004941096 _____ C:\Users\Richard\Downloads\190516.zip
2019-05-15 16:50 - 2019-05-15 16:50 - 000284192 _____ C:\Users\Richard\Downloads\Sfericka_trigonometria.pdf
2019-05-15 16:27 - 2019-06-05 22:48 - 000003370 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 16:27 - 2019-06-05 22:48 - 000003242 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-13 08:36 - 2019-05-13 08:36 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-06 20:56 - 2018-10-06 20:12 - 000000000 ____D C:\Users\Richard\Desktop\stahovanie
2019-06-06 20:54 - 2019-04-06 20:30 - 000000000 ____D C:\FRST
2019-06-06 20:53 - 2019-04-06 20:29 - 002417664 _____ (Farbar) C:\Users\Richard\Desktop\FRST64.exe
2019-06-06 20:51 - 2018-10-06 20:12 - 000000000 ____D C:\Users\Richard\AppData\Roaming\uTorrent
2019-06-06 20:51 - 2018-10-06 20:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\DAEMON Tools Lite
2019-06-06 20:50 - 2019-03-15 21:46 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-06 20:46 - 2017-08-29 14:42 - 000000000 ____D C:\Users\Richard\Documents\Youcam
2019-06-05 22:48 - 2019-04-07 18:33 - 000003406 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-06-05 22:48 - 2018-10-27 17:52 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-05 22:48 - 2018-10-07 09:20 - 000003174 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4070732696-2307962366-2096404084-1002
2019-06-05 22:48 - 2018-10-06 20:49 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-05 22:48 - 2018-10-06 20:27 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-05 22:48 - 2018-10-06 20:27 - 000002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-05 22:48 - 2014-05-14 21:14 - 000003160 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-06-05 22:48 - 2014-05-14 21:14 - 000003160 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-06-05 22:48 - 2014-05-14 21:11 - 000003156 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2019-06-05 22:48 - 2014-05-14 20:56 - 000002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-06-05 22:39 - 2018-03-24 13:06 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070732696-2307962366-2096404084-1002
2019-06-05 20:54 - 2018-05-20 10:06 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 20:54 - 2018-05-20 10:06 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-05 20:46 - 2019-03-31 09:15 - 000002313 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-06-05 20:42 - 2018-10-06 20:07 - 000000000 ____D C:\Users\Richard\Desktop\Škola (dokumenty)
2019-06-03 15:35 - 2019-03-15 21:46 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-02 20:26 - 2019-03-15 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-06-02 20:25 - 2019-03-15 21:50 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-31 19:04 - 2019-03-15 21:46 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-31 19:04 - 2019-03-15 21:46 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
2019-05-31 19:03 - 2019-04-18 22:45 - 000003732 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-31 19:03 - 2019-04-18 22:45 - 000003150 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-31 19:03 - 2019-03-15 21:50 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-31 19:03 - 2019-03-15 21:50 - 000002413 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 01:10 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2019-05-21 20:54 - 2019-03-15 21:46 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
2019-05-21 20:54 - 2019-03-15 21:46 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-21 20:54 - 2019-03-15 21:46 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000549200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-21 20:53 - 2019-03-15 21:46 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp
2019-05-21 20:53 - 2019-03-15 21:46 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-21 10:12 - 2019-03-15 22:11 - 000004180 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine Update
2019-05-21 10:04 - 2019-03-15 22:03 - 000004194 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-05-19 16:21 - 2014-05-15 04:05 - 000753788 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-19 16:21 - 2014-05-15 04:05 - 000163570 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-19 16:21 - 2014-03-18 11:53 - 001876212 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-18 12:17 - 2018-10-27 17:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-13 08:36 - 2014-05-14 21:03 - 001662205 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2019-05-13 08:36 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-13 00:50 - 2014-05-14 20:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-05-12 23:25 - 2014-04-02 11:29 - 000000000 ____D C:\Users\Administrator
2019-05-12 23:16 - 2019-04-06 20:19 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-07 11:38 - 2019-04-07 11:04 - 000000000 ____D C:\Users\Richard\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2019-02-24 16:15 - 2019-02-24 16:15 - 000143360 _____ (Gepro s.r.o.) C:\Program Files (x86)\kokundo.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 20:29
==================== End of FRST.txt ============================
PC: Intel Core i5-11600k (3,9GHz)
16GB DDR4 Ram
120GB SSD Kingston + 1TB WD Blue
MSI GeForce RTX 2060 VENTUS 12G OC
Windows 10 Pro

Som jednoduchý človek ktorý má rád techniku a prírodu :)

Uživatelský avatar
Sudoku33
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 24 bře 2019 20:36
Bydliště: Slovensko

Re: PC mojej priatelky

#3 Příspěvek od Sudoku33 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2019
Ran by Richard (06-06-2019 20:56:36)
Running from C:\Users\Richard\Desktop
Windows 8.1 (Update) (X64) (2018-03-24 10:55:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4070732696-2307962366-2096404084-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-4070732696-2307962366-2096404084-501 - Limited - Disabled)
Richard (S-1-5-21-4070732696-2307962366-2096404084-1002 - Administrator - Enabled) => C:\Users\Richard

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{7536C341-2F7D-EFE6-F521-DEBE68B025C5}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7308 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D.Launcher (x86) (HKLM-x32\...\{130A1B8A-2C4A-405D-90F3-3CBA000A8800}) (Version: 1.1.0.0 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{B3377E91-E400-4579-B5ED-5544098B7D47}) (Version: 4.0.9 - DITEC, a.s.)
D.Signer/XAdES .NET with plugins (x86) (HKLM-x32\...\{60E7A096-CD91-4AD1-9E9C-34414DA78CFD}) (Version: 4.0.13 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{1d028b37-36ce-4e1b-ae0f-a0beb6cc3537}) (Version: 1.0.15 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{f6fbc4ed-b1f8-4f4c-9b23-5b8e64af50b4}) (Version: 1.0.15 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{4ACA51B0-AD85-4EF1-AADA-81887BC2E85C}) (Version: 4.0.2025 - DITEC, a.s.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft Ltd)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{3C1EB559-A939-4569-8EDE-006675312B46}) (Version: 3.1.3 - Ministerstvo vnútra Slovenskej republiky)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Mathcad 15 M020 (HKLM-x32\...\{1FABCC0D-6190-4FA9-8C25-1AFC2A5F1E74}) (Version: 15.0.2.0 - PTC)
Mathcad PDSi viewable support (HKLM-x32\...\{AC76D478-1033-0000-3478-000000000004}) (Version: 9.0.0 - Adobe Systems) Hidden
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Název společnosti:)
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 6.19 - FinePrint Software, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.232 - Qualcomm Atheros)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-041B-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Box -> C:\Program Files\WindowsApps\134D4F5B.Box_1.6.3.1920_neutral__2qk4zy5s3qmee [2014-05-14] (Box, Inc.)
Cestovanie Bing -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Financie Bing -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.2.4.35_neutral__v10z8vjag6ke6 [2014-05-14] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.141_neutral__v10z8vjag6ke6 [2014-05-14] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.705.0_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Jedlá a nápoje Bing -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_2.5.0.1005_x86__kzf8qxf38zg5c [2014-05-14] (Skype) [MS Ad]
Správy Bing -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Šport Bing -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.705.0_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.27571_x86__06qsbagp91rvg [2014-05-14] (CYBERLINKCOM CORP)
Zdravie a fitnes Bing -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe [2014-05-14] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4070732696-2307962366-2096404084-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-03-15 22:03 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000038912 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_date_time-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000135680 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_filesystem-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000567808 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_log-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000227840 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_serialization-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000012800 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_system-vc90-mt-1_49.dll
2019-01-17 10:19 - 2019-01-17 10:19 - 000046592 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_thread-vc90-mt-1_49.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 000533504 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe
2014-04-17 15:38 - 2014-04-17 15:38 - 000140288 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-04-17 15:37 - 2014-04-17 15:37 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-03-28 13:31 - 2014-03-28 13:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-03-28 13:27 - 2014-03-28 13:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2019-02-12 22:48 - 2019-02-12 22:48 - 003083264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\62ff080ad01a950d1576d95c6ff5aed4\DotNetCommon.ni.dll
2014-04-17 15:28 - 2014-04-17 15:28 - 000898048 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2014-04-17 15:27 - 2014-04-17 15:27 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2014-04-17 15:37 - 2014-04-17 15:37 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2019-01-17 10:20 - 2019-01-17 10:20 - 001888256 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EAC MW klient\xerces-c_3_1.dll
2013-12-02 11:05 - 2013-12-02 11:05 - 002558464 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtCore_mw_x86_4.dll
2013-12-02 12:25 - 2013-12-02 12:25 - 002543104 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtDeclarative_mw_x86_4.dll
2013-12-02 11:29 - 2013-12-02 11:29 - 008353280 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtGui_mw_x86_4.dll
2013-12-02 11:08 - 2013-12-02 11:08 - 001023488 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtNetwork_mw_x86_4.dll
2013-12-02 12:07 - 2013-12-02 12:07 - 001298432 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtScript_mw_x86_4.dll
2013-12-02 11:08 - 2013-12-02 11:08 - 000195072 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtSql_mw_x86_4.dll
2013-12-02 11:06 - 2013-12-02 11:06 - 000341504 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtXml_mw_x86_4.dll
2013-12-02 11:47 - 2013-12-02 11:47 - 002568704 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\EAC MW klient\QtXmlPatterns_mw_x86_4.dll
2019-02-10 15:03 - 2019-02-10 15:03 - 004715520 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\a9a6d50bf504df3daf576c3dac1d6832\DiscSoft.NET.Common.ni.dll
2019-02-10 15:03 - 2019-02-10 15:03 - 005184512 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLite\2250bb7c0271f32e8b180883fbcf450a\DTLite.ni.exe
2019-02-10 15:03 - 2019-02-10 15:03 - 000139264 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLiteHelper\8d2e2b2a7e36be9f2ee6a439e8055224\DTLiteHelper.ni.exe
2014-01-13 08:02 - 2014-01-13 08:02 - 000092160 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
2014-03-28 13:47 - 2014-03-28 13:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 13:29 - 2014-03-28 13:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 13:32 - 2014-03-28 13:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2014-05-14 21:07 - 2014-05-14 21:07 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2013-08-07 01:34 - 2013-08-07 01:34 - 000312448 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
2014-03-28 13:39 - 2014-03-28 13:39 - 000088064 _____ (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
2014-03-28 13:48 - 2014-03-28 13:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 000456192 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\EAC MW klient\libcurl.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 001212928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\LIBEAY32.dll
2019-01-17 10:20 - 2019-01-17 10:20 - 000276480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\SSLEAY32.dll
2019-03-15 22:11 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-04-06 21:09 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\EAC MW klient\
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img1.jpg
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084022514\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\Desktop\thailand-rocks-sea-islands-tropical-islands.jpg
HKU\S-1-5-21-4070732696-2307962366-2096404084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084026218\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\Desktop\thailand-rocks-sea-islands-tropical-islands.jpg
HKU\S-1-5-21-4070732696-2307962366-2096404084-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132019084023999\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F67644CA-875C-41FD-B753-E60102FEEC1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B88B347-C45C-4913-950C-4EEB5CDF8483}] => (Allow) LPort=2869
FirewallRules: [{C2F6A5D3-30BC-491C-841E-C84952038C16}] => (Allow) LPort=1900
FirewallRules: [{DE37F22C-1F1F-4BFE-B536-E0757363EE8B}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{3EF1A830-F1E2-47B7-8EA5-48D60E423858}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{9E090B11-A18D-4F85-8CD8-0D85BFAC2EBA}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{6177F9F7-DE33-4C1F-8527-EEC4CCFBF352}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{5DEFEF1B-B37B-462F-ADE0-8A34FA02ADF6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D0387780-2DE4-49E1-9CBF-3D2414830580}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D431329B-D09A-4282-8631-06D816A00277}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{57C42B9C-7FE4-4ED6-8BD6-B651A7611899}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{12402D8B-0384-4734-9351-111DAA018747}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F9791160-D0CE-4DC3-8425-377AFCE38151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C8D351A2-DBCD-4ECA-BD46-AE8BF5B2C93E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{B0EBEF5B-3430-47C8-96EA-4D4667C4A327}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{37BEBA28-F63A-4EC9-B5C4-D778821B5347}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{4F042218-15C4-4884-B216-74741DE633F0}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{C7B7A15C-058E-4B26-9B63-2576B7CE5F41}C:\users\richard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\richard\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{1DBBB65B-A7D6-4DB2-B39F-D14FD7DB1570}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{253A5442-E3EB-4A96-95DA-E8FFB2C9F240}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{093DB0A9-5CE6-49DF-B117-4B5B48878E35}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{90B1690E-830C-46EB-A7D4-83C1A648DE35}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAA73C8E-CA2D-4DFE-99BB-65DB147190B4}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8E99C710-097E-4206-BFC8-E771BC7ECD2C}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{54071ADC-31C0-45AA-96AB-67B4B747E51D}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{27F87BCC-CC04-4F0F-8DCE-5F85D95D7342}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9E4C76B-3ABC-48E7-9640-488AFB95A371}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA6B2B49-2D75-4E07-A50B-64041064266A}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDD065F2-DDE2-4951-AD48-8388BCF34A98}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{395CFDA6-88EB-439D-9112-28EB75451008}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9B3228EE-8325-46C6-A6FF-06F2112E8331}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

18-05-2019 20:59:10 Removed OCAD 2019.
23-05-2019 11:40:58 Removed OCAD 2019.
29-05-2019 17:56:47 Removed OCAD 2019.

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Windows Defender:
===================================
Date: 2019-03-15 20:52:54.957
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2019-03-15 14:15:21.660
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

Date: 2019-03-15 13:56:14.540
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

Date: 2018-10-06 20:06:47.625
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-10-06 20:06:36.351
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2018-12-26 21:22:24.447
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde F.32 11/12/2014
Motherboard: Hewlett-Packard 22CE
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 42%
Total physical RAM: 7112.98 MB
Available physical RAM: 4083.96 MB
Total Virtual: 8264.98 MB
Available Virtual: 5464.04 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.75 GB) (Free:861 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.74 GB) (Free:1.32 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{e7f3f21a-5a19-4fd9-9571-75debd2a7c54}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================
PC: Intel Core i5-11600k (3,9GHz)
16GB DDR4 Ram
120GB SSD Kingston + 1TB WD Blue
MSI GeForce RTX 2060 VENTUS 12G OC
Windows 10 Pro

Som jednoduchý človek ktorý má rád techniku a prírodu :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC mojej priatelky

#4 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
Sudoku33
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 24 bře 2019 20:36
Bydliště: Slovensko

Re: PC mojej priatelky

#5 Příspěvek od Sudoku33 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-06-2019
# Duration: 00:00:02
# OS: Windows 8.1
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1279 octets] - [31/03/2019 08:55:20]
AdwCleaner[C00].txt - [1445 octets] - [31/03/2019 08:56:39]
AdwCleaner[S01].txt - [1368 octets] - [31/03/2019 09:05:23]
AdwCleaner[S02].txt - [1429 octets] - [31/03/2019 09:06:32]
AdwCleaner[S03].txt - [1523 octets] - [07/04/2019 18:45:06]
AdwCleaner[C03].txt - [1689 octets] - [07/04/2019 18:45:22]
AdwCleaner[S04].txt - [1612 octets] - [06/06/2019 20:51:01]
AdwCleaner[S05].txt - [1673 octets] - [06/06/2019 22:07:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########
PC: Intel Core i5-11600k (3,9GHz)
16GB DDR4 Ram
120GB SSD Kingston + 1TB WD Blue
MSI GeForce RTX 2060 VENTUS 12G OC
Windows 10 Pro

Som jednoduchý človek ktorý má rád techniku a prírodu :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC mojej priatelky

#6 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
Sudoku33
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 24 bře 2019 20:36
Bydliště: Slovensko

Re: PC mojej priatelky

#7 Příspěvek od Sudoku33 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2019
Ran by Richard (07-06-2019 17:06:33) Run:2
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard (Available Profiles: Richard & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41AFE415-DC62-4281-AAB8-6DF09AD42D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
Task: {8CF64658-B606-498F-B226-1893F00B5C85} - System32\Tasks\AutoPico Daily Restart => F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe
Task: {D2DD6048-E665-4083-864B-78589C654C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-20] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp
C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp
C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp
C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp
C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp
C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp
C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp
C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp
C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp
C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp
C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp
C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp
C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41AFE415-DC62-4281-AAB8-6DF09AD42D31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41AFE415-DC62-4281-AAB8-6DF09AD42D31}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CF64658-B606-498F-B226-1893F00B5C85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CF64658-B606-498F-B226-1893F00B5C85}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"F:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2DD6048-E665-4083-864B-78589C654C0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2DD6048-E665-4083-864B-78589C654C0E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Drivers\asw38f8eb559c6b269e.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswf319517202728972.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw1c034353491babb8.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswcdc8082fa91ece5d.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswdd509737def58aee.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw5a1be023989ccd77.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw31a0a7a3fa05ca0b.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswb7b3a71491d69984.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw9578a0bf216275e1.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswc8bfd097237d0551.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8bc76523d34bdd10.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbc126bdf396c3087.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswcd1a6d8af8df81a6.tmp" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13900019 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 207792 B
Edge => 0 B
Chrome => 9105647 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Richard => 357036 B
Administrator => 0 B

RecycleBin => 0 B
EmptyTemp: => 30.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:07:02 ====
PC: Intel Core i5-11600k (3,9GHz)
16GB DDR4 Ram
120GB SSD Kingston + 1TB WD Blue
MSI GeForce RTX 2060 VENTUS 12G OC
Windows 10 Pro

Som jednoduchý človek ktorý má rád techniku a prírodu :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC mojej priatelky

#8 Příspěvek od Rudy »

OK. Reklamy již nevyskakují?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
Sudoku33
Návštěvník
Návštěvník
Příspěvky: 198
Registrován: 24 bře 2019 20:36
Bydliště: Slovensko

Re: PC mojej priatelky

#9 Příspěvek od Sudoku33 »

Prepáčťe, bol som Inactive. Reklamy prestali vyskakovať. Ďakujem, môžťe lock :closed: :|
PC: Intel Core i5-11600k (3,9GHz)
16GB DDR4 Ram
120GB SSD Kingston + 1TB WD Blue
MSI GeForce RTX 2060 VENTUS 12G OC
Windows 10 Pro

Som jednoduchý človek ktorý má rád techniku a prírodu :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC mojej priatelky

#10 Příspěvek od Rudy »

To jsem rád a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno