Request for a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by kcobain »

Hello,

it may not mean anything, but lately the PC has started to stutter somewhat. It was cleaned with CCleaner and scanned with Avast, and everything was fine. I'm just asking someone to check the log, thanks in advance:



Logfile of random's system information tool 1.10 (written by random/random)
Run by User007 at 2019-06-13 20:29:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 168 GB (69%) free of 244 GB
Total RAM: 8142 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:10, on 13.6.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19130)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\User007.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Windscribe] "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8538 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8d2e7870-39bd-4819-bd22-b9da4798d3dd -SystemEventPortName:HostProcess-589f9b8a-5b83-492b-9088-b52b9f43768e -IoCancelEventPortName:HostProcess-02acc078-0ecd-42f2-b41f-7313f94b39f7 -NonStateChangingEventPortName:HostProcess-423d2ccb-802e-4f8d-9a50-2e882b7e28df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:68bece36-8691-4f26-b0ca-0c38af338ab9 -DeviceGroupId:WpdFsGroup
taskeng.exe {4EBA4227-EE1A-42B9-8266-99A8B9D35663}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
taskeng.exe {E134A2FC-9504-4B02-AD96-8827B9DB580C}
"taskhost.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
AvastUI.exe /nogui
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
/tasktrayonly
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\STCServ\STCServ.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
\??\C:\Windows\system32\conhost.exe "1765022209-170714145713088805151887754648457555623-7300520512643650212101070224
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.0.1865216805\802519364" -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 1304 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.3.185292543\1455864690" -childID 1 -isForBrowser -prefsHandle 988 -prefMapHandle 952 -prefsLen 1 -prefMapSize 202377 -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 1768 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.13.1243029673\476228911" -childID 2 -isForBrowser -prefsHandle 3336 -prefMapHandle 3340 -prefsLen 5875 -prefMapSize 202377 -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 3096 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.20.694684501\1449623305" -childID 3 -isForBrowser -prefsHandle 3100 -prefMapHandle 3748 -prefsLen 5875 -prefMapSize 202377 -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 3760 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.34.1575016973\800994120" -childID 5 -isForBrowser -prefsHandle 4112 -prefMapHandle 4124 -prefsLen 6607 -prefMapSize 202377 -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 3536 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.48.2122047229\1016975080" -childID 7 -isForBrowser -prefsHandle 4752 -prefMapHandle 4764 -prefsLen 6654 -prefMapSize 202377 -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 4836 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6772.62.1557169322\1521212321" -childID 9 -isForBrowser -prefsHandle 5832 -prefMapHandle 8860 -prefsLen 6654 -prefMapSize 202377 -parentBuildID 20190607204818 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 6772 "\\.\pipe\gecko-crash-server-pipe.6772" 8792 tab
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\DOWNLOAD\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845

prefs.js - "browser.startup.homepage" - "www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.192 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.192 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-07-15 7637208]
"IntelConnectCenter"=C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16 90112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-05-22 262024]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-05-04 2849872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe [2019-05-07 1378824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"Windscribe"=C:\Program Files (x86)\Windscribe\Windscribe.exe -os_restart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2014-06-10 1065024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-06-27 292848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PAexec]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-06-13 20:29:09 ----D---- C:\rsit
2019-06-13 19:45:51 ----A---- C:\Windows\system32\drivers\tapwindscribe0901.sys
2019-06-09 15:56:42 ----D---- C:\Users\User007\AppData\Roaming\Opera Software
2019-05-22 21:27:26 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2019-06-13 20:29:10 ----D---- C:\Program Files\trend micro
2019-06-13 20:27:57 ----D---- C:\Windows\inf
2019-06-13 20:27:32 ----D---- C:\Windows\Temp
2019-06-13 20:27:01 ----D---- C:\Users\User007\AppData\Roaming\MPC-HC
2019-06-13 20:26:04 ----SHD---- C:\System Volume Information
2019-06-13 20:26:03 ----D---- C:\Windows
2019-06-13 20:25:01 ----RD---- C:\Program Files (x86)
2019-06-13 20:24:37 ----D---- C:\Windows\system32\drivers\etc
2019-06-13 20:23:23 ----SHD---- C:\Windows\Installer
2019-06-13 19:47:54 ----D---- C:\ProgramData\NVIDIA
2019-06-13 19:46:03 ----D---- C:\Windows\system32\DriverStore
2019-06-13 19:46:03 ----D---- C:\Windows\system32\drivers
2019-06-13 19:44:12 ----D---- C:\Windows\System32
2019-06-13 19:44:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-06-13 19:37:48 ----D---- C:\Windows\system32\Tasks
2019-06-13 19:37:45 ----D---- C:\Program Files (x86)\SpeedFan
2019-06-12 21:03:29 ----D---- C:\Wswin
2019-06-12 16:26:02 ----D---- C:\Program Files\Mozilla Firefox
2019-06-09 23:12:26 ----D---- C:\Windows\system32\config
2019-05-26 10:56:12 ----D---- C:\Program Files\Core Temp
2019-05-26 09:17:17 ----RD---- C:\Program Files
2019-05-18 13:00:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-05-18 13:00:52 ----D---- C:\Windows\system32\Macromed
2019-05-18 13:00:51 ----D---- C:\Windows\SYSWOW64\Macromed
2019-05-18 08:08:03 ----D---- C:\Windows\SoftwareDistribution
2019-05-16 20:28:23 ----D---- C:\Program Files (x86)\Google
2019-05-14 19:32:46 ----D---- C:\Windows\SysWOW64

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-05-22 205848]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-05-22 61472]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-05-22 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-05-30 385880]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-05-28 672104]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-05-28 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-06-27 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-05-22 207448]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-05-22 262496]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-05-22 42288]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2019-05-22 549200]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-05-22 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-05-22 1030784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-05-22 477584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-06-06 167872]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-06-03 225608]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 ALSysIO;ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2013-08-16 424192]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2017-06-29 38152]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-09-28 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-07-18 129224]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-12-14 227896]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-10-01 70024]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-24 65792]
R3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Device Service; C:\Windows\system32\DRIVERS\XtuAcpiDriver.sys [2017-04-18 54168]
S3 Afc;PPdus ASPI Shell; c:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2015-09-24 44640]
S3 cpuz137;cpuz137; \??\C:\Users\User007\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2016-08-01 165504]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-06-27 383472]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-06-27 795120]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2015-09-28 2253112]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-10-25 30336]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S3 tapwindscribe0901;Windscribe VPN; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [2018-07-06 45560]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-05-04 3117648]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-05-04 2888272]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-05-22 409224]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2019-05-22 416512]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06 787440]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-12-11 767016]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-12-11 649712]
R2 STCServ;Intel(R) Common Connectivity Framework; C:\Program Files\Intel\STCServ\STCServ.exe [2015-03-16 8095456]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-05-28 6844776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-24 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-24 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe [2019-05-14 1079424]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-08-24 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06 787440]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-09-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------
Laugh at me for being different, and I'll laugh at you for all being the same ;-)

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive check

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

kcobain
Visitor
Posts: 145
Joined: 20 Apr 2008 08:47

Re: Request for a preventive check

#3 Post by kcobain »

Hi, everything is done, here is the log it gave me:


# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-13-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\User007\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\{1B84EC81-2B3B-464C-A33E-7CC1AF39CDCF}

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E421D22-F235-4261-A1B3-C84A90238BC5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E421D22-F235-4261-A1B3-C84A90238BC5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1B84EC81-2B3B-464C-A33E-7CC1AF39CDCF}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2442 octets] - [13/06/2019 22:13:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive check

#4 Post by Conder »

:arrow: Please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

kcobain
Visitor
Posts: 145
Joined: 20 Apr 2008 08:47

Re: Request for a preventive check

#5 Post by kcobain »

I ran the scan with the program mentioned and am attaching the logs below:
***************




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2019 01
Ran by User007 (administrator) on USER007-PC (MSI MS-7919) (14-06-2019 19:15:35)
Running from C:\Users\User007\Desktop
Loaded Profiles: User007 (Available Profiles: User007)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) iCDG WINS WSS CCF -> Intel Corporation) C:\Program Files\Intel\STCServ\STCServ.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SOKNO S.R.L. -> Almico Software (almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\Run: [f.lux] => C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\MountPoints2: {0e95de25-1aa2-11e6-adab-d8cb8a536b99} - I:\Setup.exe
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\MountPoints2: {1713147a-904a-11e5-86b2-d8cb8a536b99} - I:\setup_simcity4_deluxe_2.1.0.9.exe
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.LAGS] => c:\windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => c:\windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => c:\windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => c:\windows\system32\ff_vfw.dll [126976 2015-08-03] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => c:\windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => c:\windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => c:\windows\SysWOW64\ff_vfw.dll [112128 2015-08-03] () [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0556DF21-A569-452C-B2A5-95C2B9341F45} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B4833B1-78A4-45BF-8304-5EBB3DC01ECF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [563184 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1375FFD9-4CCC-4E0C-A935-177E8AD40264} - System32\Tasks\Core Temp Autostart User007 => C:\Program Files\Core Temp\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)
Task: {24533357-2AEF-4508-B821-0F360010441F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DA251A9-289F-4788-B437-E6A5D2704112} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [1004528 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32D71FB3-DBCA-481D-A6F5-C2BF6CAE9A56} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {371A38A7-322B-44EE-A90C-465A855E2B3C} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C994A6E-BEB0-40A7-8C2D-35927B9D41B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {44FB0ACC-3D0A-4D19-83EF-87D9BFDA6D25} - System32\Tasks\KiN_SF => C:\Program Files (x86)\SpeedFan\speedfan.exe [4841120 2015-02-20] (SOKNO S.R.L. -> Almico Software (almico.com))
Task: {4C7797AF-EE00-43DD-AA71-E71EB9B65E17} - System32\Tasks\HP Officejet Pro 8100.exe_{5FCF9ACD-299A-44AE-A2C5-80D7339CEA1F} => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HP Officejet Pro 8100.exe [5420136 2012-11-01] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {4E694AE1-785B-4845-850B-2A2B45E829BE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {58CB75A1-13B4-4BEB-B61B-92684EF8118C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {600F3E3C-B4EE-4991-9926-397A6EC29DF0} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {7F85F417-94BE-4F1D-8329-B2D147D537D9} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-05-31] () [File not signed]
Task: {8095E0F3-1D96-45F0-8B5B-296F18198B5B} - System32\Tasks\HP AR Program Upload - 4c76b336127d4572a92ab86de9ca138ebcc12bf5a7744a1a8bcbe64bba7c3556 => C:\Program Files\HP\HP Officejet Pro 8100\bin\HPRewards.exe [3513960 2012-11-01] (Hewlett Packard -> TODO: <Company name>)
Task: {8D702780-3502-4846-AE86-E56B2FAE3E00} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {8EA573EA-46BE-4927-AB19-50272EF4B813} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F2B9F96-FC0C-40B7-9FD0-30268B5A145A} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation) [File not signed]
Task: {90DFF4D8-C208-4DD4-BDEB-861E601DDC10} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-14] (Adobe Inc. -> Adobe)
Task: {9476D8C0-E5CF-4749-B075-62D44F06EB0D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3560944 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95CD5555-6C4B-4EEE-8D9A-595369F8D810} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {9AF8C495-588C-4E93-9641-D27F275BE4B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-14] (Adobe Inc. -> Adobe)
Task: {A69E4BF8-4271-4648-B978-07A52B7CD3FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC9AA653-A759-4BB0-962A-2C24011C9414} - System32\Tasks\HP AR Program Upload - 8850f8493a284bbda94cec11f0f085da9dfaa2a41a6444139e3e47ee94f9ca4b => C:\Program Files\HP\HP Officejet Pro 8100\bin\HPRewards.exe [3513960 2012-11-01] (Hewlett Packard -> TODO: <Company name>)
Task: {B108AFE0-287A-4392-BCEE-D40F296D29C2} - System32\Tasks\Opera scheduled Autoupdate 1560088629 => C:\Users\User007\AppData\Local\Programs\Opera\launcher.exe
Task: {B261BD97-61E9-4020-97A7-9E7C580943CB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB3F2BE5-AF37-4337-99AD-D038B18E0BAB} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {D69FBB94-12DD-41BD-AF73-E775A4A07E9F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D6E987A0-17AF-43EE-9C40-FD66C679B841} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D7D1ACE9-A32B-4F05-B6B1-A48872BD3A97} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D9AE6303-CF14-46F7-A08A-F2C6E7B6AAC9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856048 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA4827CF-8D5D-4DBC-8875-1D6EC7C10DCB} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCC4D1EA-40AC-4645-8EB1-093C1ACB3586} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E006419B-2C16-41E5-9F9F-A30F9BCB8728} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {E35FF706-E563-4C5E-9136-E0BCBD6B30B6} - System32\Tasks\AdobeGCInvoker-1.0-User007-PC-User007 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E423AB50-ED51-44C7-BDAD-0F13ADC084E7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856048 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E59D86E2-44DE-486F-B225-710A391C7C60} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {E69574F0-CFB3-4BC7-9E97-C10039401E6A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [578272 2015-05-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F3321DFE-6C9A-4965-A948-84A56371A11E} - System32\Tasks\SafeZone scheduled Autoupdate 1514398511 => C:\Program Files (x86)\Avast SafeZone\launcher.exe [1057824 2017-08-04] (AVAST Software s.r.o. -> Avast Software)
Task: {FA6E5988-9DFD-4E22-9352-2DA2848C2102} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3FD3E101-1881-471F-9AB6-FD34632289C0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ED6C4B30-192F-4F33-A4EA-7E3EA8EC2E6D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: rhh5tgg4.default-1493407408845
FF ProfilePath: C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845 [2019-06-14]
FF Homepage: Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845 -> www.centrum.cz/
FF Extension: (Disconnect) - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845\Extensions\2.0@disconnect.me.xpi [2019-04-02]
FF Extension: (Seznam doplněk - Esko) - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Feedbro) - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845\Extensions\{a9c2ad37-e940-4892-8dce-cd73c6cbbc0c}.xpi [2019-06-06]
FF Extension: (No Name) - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (Seznam doplněk - Email) - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\rhh5tgg4.default-1493407408845\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2014-07-11] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [416512 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-24] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [140032 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [424192 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549200 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-09-24] (AVAST Software a.s. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-28] (Disc Soft Ltd -> Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-08-01] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2253112 2015-09-28] (MEDIATEK INC. -> MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)
R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz137; \??\C:\Users\User007\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-14 19:15 - 2019-06-14 19:15 - 000028074 _____ C:\Users\User007\Desktop\FRST.txt
2019-06-14 19:14 - 2019-06-14 19:15 - 000000000 ____D C:\FRST
2019-06-14 18:56 - 2019-06-14 18:56 - 002418688 _____ (Farbar) C:\Users\User007\Desktop\FRST64.exe
2019-06-14 18:52 - 2019-06-14 19:13 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-14 18:49 - 2019-06-14 18:49 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-13 22:13 - 2019-06-13 22:13 - 000000000 ____D C:\AdwCleaner
2019-06-13 21:51 - 2019-06-13 21:51 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-13 20:29 - 2019-06-13 20:29 - 000000000 ____D C:\rsit
2019-06-13 19:46 - 2019-06-13 19:46 - 000000000 ____D C:\Users\User007\AppData\Local\Windscribe
2019-06-13 19:45 - 2018-07-06 17:22 - 000045560 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapwindscribe0901.sys
2019-06-09 15:57 - 2019-06-09 18:11 - 000000000 ____D C:\Users\User007\AppData\Local\Opera Software
2019-06-09 15:57 - 2019-06-09 15:57 - 000004086 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1560088629
2019-06-09 15:56 - 2019-06-09 18:11 - 000000000 ____D C:\Users\User007\AppData\Roaming\Opera Software
2019-05-22 21:27 - 2019-05-22 21:27 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-14 19:15 - 2017-04-28 21:23 - 000000000 ____D C:\Users\User007\AppData\LocalLow\Mozilla
2019-06-14 19:14 - 2019-04-05 20:26 - 000003030 _____ C:\Windows\System32\Tasks\MSIAfterburner
2019-06-14 19:14 - 2016-07-02 09:21 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-14 19:14 - 2015-09-22 08:59 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-06-14 19:13 - 2018-09-08 11:08 - 000000085 _____ C:\Windows\wininit.ini
2019-06-14 19:13 - 2018-06-10 18:13 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2019-06-14 19:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-14 18:52 - 2018-09-08 10:35 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-06-14 18:49 - 2018-04-23 19:33 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-14 18:49 - 2015-09-27 18:58 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-06-14 18:49 - 2015-09-27 18:58 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-14 18:49 - 2015-09-27 18:58 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-06-14 18:49 - 2015-09-27 18:57 - 000000000 ____D C:\Windows\system32\Macromed
2019-06-14 18:41 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-14 18:41 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-14 18:36 - 2015-09-22 09:02 - 000003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E004C03C-9FAC-4DC1-A338-24309FF7CBEA}
2019-06-14 18:32 - 2010-11-21 11:27 - 000672834 _____ C:\Windows\system32\perfh005.dat
2019-06-14 18:32 - 2010-11-21 11:27 - 000142928 _____ C:\Windows\system32\perfc005.dat
2019-06-14 18:32 - 2009-07-14 07:13 - 001595172 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-14 18:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-13 21:55 - 2015-09-27 18:59 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 21:34 - 2016-05-21 23:00 - 000000574 _____ C:\Users\Public\Desktop\PC-Wetterstation.lnk
2019-06-13 21:34 - 2016-05-21 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-Wetterstation
2019-06-13 21:34 - 2016-05-21 13:05 - 000000000 ____D C:\Wswin
2019-06-13 20:54 - 2016-07-11 16:28 - 000000000 ____D C:\Users\User007\Counter-Strike 1.6
2019-06-13 20:53 - 2015-11-21 14:51 - 000000000 ____D C:\Program Files (x86)\Return To Castle Wolfenstein - Extended Edition
2019-06-13 20:53 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-06-13 20:29 - 2016-04-24 19:16 - 000000000 ____D C:\Program Files\trend micro
2019-06-13 20:27 - 2015-09-24 20:14 - 000000000 ____D C:\Users\User007\AppData\Roaming\MPC-HC
2019-06-12 16:26 - 2017-04-28 21:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-07 22:07 - 2017-10-27 06:16 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-07 22:07 - 2016-08-05 11:54 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-06 19:50 - 2015-09-24 19:57 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-03 18:00 - 2015-09-24 19:57 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-30 19:00 - 2015-09-24 19:57 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-28 16:51 - 2019-04-17 18:56 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 16:51 - 2019-04-17 18:56 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 16:51 - 2018-05-24 06:18 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-26 10:56 - 2016-02-22 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2019-05-26 10:56 - 2015-09-22 08:58 - 000000000 ____D C:\Program Files\Core Temp
2019-05-22 21:27 - 2019-02-13 10:45 - 000549200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-05-22 21:27 - 2019-01-14 17:41 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-22 21:27 - 2019-01-07 07:39 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-22 21:27 - 2019-01-07 07:39 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-22 21:27 - 2018-10-13 18:16 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-22 21:27 - 2017-11-09 19:26 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-22 21:27 - 2017-02-07 19:28 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-22 21:27 - 2015-09-24 19:57 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-22 21:27 - 2015-09-24 19:57 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-22 21:27 - 2015-09-24 19:57 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-22 21:27 - 2015-09-24 19:57 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-18 13:01 - 2015-09-27 18:57 - 000000000 ____D C:\Users\User007\AppData\Local\Adobe
2019-05-16 20:28 - 2017-01-24 10:17 - 000000000 ____D C:\Users\User007\AppData\Local\Google
2019-05-16 20:28 - 2017-01-24 10:17 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ================

2016-06-20 18:48 - 2016-06-21 07:10 - 000000119 _____ () C:\Users\User007\AppData\Roaming\Camdata.ini
2016-06-20 18:48 - 2016-06-21 07:10 - 000000408 _____ () C:\Users\User007\AppData\Roaming\CamLayout.ini
2016-06-20 18:48 - 2016-06-21 07:10 - 000000408 _____ () C:\Users\User007\AppData\Roaming\CamShapes.ini
2016-06-20 18:47 - 2016-06-21 07:10 - 000004550 _____ () C:\Users\User007\AppData\Roaming\CamStudio.cfg
2016-05-27 19:35 - 2016-09-11 07:58 - 000000000 _____ () C:\Users\User007\AppData\Roaming\Logs
2015-09-22 16:12 - 2015-09-25 06:36 - 001065984 _____ () C:\Users\User007\AppData\Local\file__0.localstorage
2015-12-13 19:32 - 2015-12-13 19:32 - 000000000 ___SH () C:\Users\User007\AppData\Local\LumaEmu
2016-09-10 13:02 - 2016-09-10 13:05 - 000029696 _____ () C:\Users\User007\AppData\Local\MSGBOX.EXE
2018-09-29 08:30 - 2018-09-29 08:30 - 000000000 _____ () C:\Users\User007\AppData\Local\oobelibMkey.log
2018-10-20 12:03 - 2018-10-20 12:03 - 000007604 _____ () C:\Users\User007\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2019-06-13 20:26 C:\System Volume Information

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-12 18:35
==================== End of FRST.txt ============================
Laugh at me for being different, and I'll laugh at you for all being the same ;-)

kcobain
Visitor
Posts: 145
Registered: 20 Apr 2008 08:47

Re: Requesting a preventive check

#6 Post by kcobain »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2019 01
Ran by User007 (14-06-2019 19:16:02)
Running from C:\Users\User007\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-22 06:56:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1792867000-701808982-2087714082-500 - Administrator - Disabled)
Guest (S-1-5-21-1792867000-701808982-2087714082-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1792867000-701808982-2087714082-1004 - Limited - Enabled)
User007 (S-1-5-21-1792867000-701808982-2087714082-1000 - Administrator - Enabled) => C:\Users\User007

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AusLogics Registry Defrag (HKLM-x32\...\{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1) (Version: version 4.1 - AusLogics, Inc.)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.131 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Document Capture Pro (HKLM-x32\...\{C75B4983-D3A7-4D0A-8B1A-7BC4F2044F37}) (Version: 1.06.0012 - Seiko Epson Corporation)
Document Capture Pro OneNote Connector (HKLM-x32\...\{65FC2F65-FCD4-495C-B250-1F7C049E4A39}) (Version: 1.00.0000 - Seiko Epson Corporation)
Epson Copy Utility 4 (HKLM-x32\...\{06A7E8AB-2856-4490-BAA9-F338ABE7695A}) (Version: 4.01.0001 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
f.lux (HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\Flux) (Version: - f.lux Software LLC)
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
FastStone Image Viewer 7.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.0 - FastStone Soft)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Grand Theft Auto V Update (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8100 Nápověda (HKLM-x32\...\{F7635BFA-96BB-426D-91ED-1DB0E09585A9}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
K-Lite Mega Codec Pack 14.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.9.0 - KLCP)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 67.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.2 (x64 cs)) (Version: 67.0.2 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Ovládací panel NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.9091) (Version: 4.58.2552.909 - Avast Software) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STCServ (HKLM\...\{A954D353-9DAF-4916-8E71-F1E959EBCD1E}) (Version: 3.0.0.1783 - Intel Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
WsWin V2.99.7 - 2019-05-25 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.99.7 - Werner Krenn)
Základní software zařízení HP Officejet Pro 8100 (HKLM\...\{6F19CF85-371F-439C-A97B-35269F9A882B}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.93 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2016-09-10 17:11 - 2019-06-14 19:14 - 000192512 _____ () [File not signed] C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
2019-06-13 22:25 - 2019-06-14 19:14 - 000158720 _____ () [File not signed] C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
2015-09-22 09:06 - 2014-06-27 05:30 - 000074240 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2014-05-28 10:10 - 2014-05-28 10:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-05-28 10:10 - 2014-05-28 10:10 - 000296960 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-03-16 13:19 - 2015-03-16 13:19 - 000068096 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
2014-01-31 15:16 - 2014-01-31 15:16 - 001199104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\program files (x86)\intel\icls client\LIBEAY32.dll
2014-01-31 15:16 - 2014-01-31 15:16 - 000302592 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\program files (x86)\intel\icls client\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-06-13 20:24 - 2019-06-13 20:24 - 000000135 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 http://www.langsoft.cz
127.0.0.1 http://www.pctranslator.cz
0.0.0.0 account.zoner.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\intel\intel(r) management engine components\ipt;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{23628B39-DC41-4BA7-886D-99FDFFCF738B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{871F5D72-FC70-4A9E-8B93-7633B92829BD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{98A0C909-01AA-432F-BB02-401224425D29}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{76B25A44-F90C-45E5-B5F2-5E5D9466F910}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{62C31B6A-31BD-479A-BF25-AA2DD51FE453}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
FirewallRules: [{512AD00A-E821-426A-B093-DC979B701372}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
FirewallRules: [{77185F73-2BA3-4E82-AA67-1A3B8D4E00B4}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe (Intel(R) iCDG WINS WSS CCF -> Intel Corporation)
FirewallRules: [{F695587B-C98F-4101-8EA7-429112F4036A}] => (Allow) D:\HRY\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{6F8D355D-BED6-448C-BEE2-D0C20FFEE74C}] => (Allow) D:\HRY\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{11F5FBAE-43B6-4137-832B-338215A6FD7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B939E7C6-0482-4398-8E67-71764F8B2E5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F3133B0-C48C-4576-90EB-B778B842C8F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A98FD253-19D8-4CAA-9F0F-F23C80E72F6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{851864F6-2D63-4995-8D9D-DCFF24ADD4E2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7FB0DF3C-E92B-4151-9405-CB514BF14FAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0CAB9065-438F-49B8-8F09-649B5887B9F3}] => (Allow) C:\Program Files (x86)\Avast SafeZone\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{3F607218-6F16-4218-ADA2-367AAEF5783C}] => (Allow) D:\HRY\WoT\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C8C0E6A1-3637-4569-96EC-34F21D613E0C}] => (Allow) D:\HRY\WoT\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{28D64C2C-5E2D-4678-B209-373BA099A60D}] => (Allow) D:\HRY\WoT\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{247C1A1C-75C3-449D-A47B-219EAEA9DA29}] => (Allow) D:\HRY\WoT\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B28D1723-0048-4F3A-B952-288C91E6927A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4EC9722F-6424-4163-94F6-2665C9286296}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8804C5CA-2B69-49C3-B6BC-4B2D70FC5535}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{04E6E5AF-C11D-43A3-8955-12EADCBD85AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E92D6CE-F403-466B-B389-C9361459AE02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5DC2DDFF-1617-4CB8-BF6C-63DFC2D500FB}] => (Allow) D:\HRY\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{D1DEC8F7-4DA4-4471-95B4-6211BDBBCCEC}] => (Allow) D:\HRY\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{C930462C-CDAF-4087-A2EE-E09E396DF918}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{55BC89C2-E3F1-4D01-B4A4-FA760782297D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5BFDBA79-7844-4693-B2D5-11EB7556CC02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AE4E06C6-56B4-44C0-AA43-6B215113A403}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B2875705-4CA1-40AE-99D0-9C457D79ACBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E863344-FA8E-4716-ACB7-3B2B5A8099CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99AF5348-DCD4-4018-8DC9-D4879CBA28B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F4A54B20-6F7E-4976-ABF3-7EC27290276D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E3BD473A-DC32-4331-8DB7-57A0DCF7D832}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{2F3CC0C0-D078-4077-B066-48FCA791E3A2}] => (Allow) C:\Users\User007\AppData\Local\Programs\Opera\60.0.3255.151\opera.exe No File

==================== Restore Points =========================

09-06-2019 19:45:13 Naplánovaný kontrolní bod
13-06-2019 19:45:59 Instalace balíčku ovladače zařízení: Windscribe.com Síťové adaptéry

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2019 07:13:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/14/2019 06:49:39 PM) (Source: Firefox) (EventID: 5) (User: )
Description: Event-ID 5

Error: (06/14/2019 06:36:51 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/14/2019 06:26:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2019 10:25:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2019 10:23:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/13/2019 10:14:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/14/2019 07:16:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/14/2019 07:16:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/14/2019 07:14:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (06/14/2019 07:14:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (06/14/2019 07:14:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/14/2019 07:14:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/14/2019 07:14:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/14/2019 06:57:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.


CodeIntegrity:
===================================

Date: 2016-07-29 18:19:53.070
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-29 18:19:43.084
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-29 18:19:42.866
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-26 14:14:37.294
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-26 14:13:53.147
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-26 14:13:52.960
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-25 22:49:41.137
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-25 22:49:22.209
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.6 12/23/2014
Motherboard: MSI Z97M GAMING (MS-7919)
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 44%
Total physical RAM: 8142.47 MB
Available physical RAM: 4486.18 MB
Total Virtual: 16332.62 MB
Available Virtual: 12240.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:163.33 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:529.67 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 46DA0BFB)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4D1629CF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Laugh at me because I'm different, and I'll laugh at you because you're all the same ;-)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive check

#7 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\MountPoints2: {0e95de25-1aa2-11e6-adab-d8cb8a536b99} - I:\Setup.exe
    HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\MountPoints2: {1713147a-904a-11e5-86b2-d8cb8a536b99} - I:\setup_simcity4_deluxe_2.1.0.9.exe
    BootExecute: autocheck autochk * sdnclean64.exe
    R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
    S3 cpuz137; \??\C:\Users\User007\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATTENTION
    2019-06-14 18:52 - 2019-06-14 19:13 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2019-06-14 18:52 - 2018-09-08 10:35 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2019-06-13 20:29 - 2016-04-24 19:16 - 000000000 ____D C:\Program Files\trend micro
    2016-05-27 19:35 - 2016-09-11 07:58 - 000000000 _____ () C:\Users\User007\AppData\Roaming\Logs
    2015-12-13 19:32 - 2015-12-13 19:32 - 000000000 ___SH () C:\Users\User007\AppData\Local\LumaEmu
    2016-09-10 13:02 - 2016-09-10 13:05 - 000029696 _____ () C:\Users\User007\AppData\Local\MSGBOX.EXE
    2018-09-29 08:30 - 2018-09-29 08:30 - 000000000 _____ () C:\Users\User007\AppData\Local\oobelibMkey.log
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and others).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

kcobain
Visitor
Posts: 145
Registered: 20 Apr 2008 08:47

Re: Request for a preventive check

#8 Post by kcobain »

Hopefully I did everything correctly, and it didn't even overheat in this hot weather :) and here is the log:



Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by User007 (15-06-2019 18:54:08) Run:1
Running from C:\Users\User007\Desktop
Loaded Profiles: User007 (Available Profiles: User007)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\MountPoints2: {0e95de25-1aa2-11e6-adab-d8cb8a536b99} - I:\Setup.exe
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\...\MountPoints2: {1713147a-904a-11e5-86b2-d8cb8a536b99} - I:\setup_simcity4_deluxe_2.1.0.9.exe
BootExecute: autocheck autochk * sdnclean64.exe
R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz137; \??\C:\Users\User007\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATTENTION
2019-06-14 18:52 - 2019-06-14 19:13 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-14 18:52 - 2018-09-08 10:35 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-06-13 20:29 - 2016-04-24 19:16 - 000000000 ____D C:\Program Files\trend micro
2016-05-27 19:35 - 2016-09-11 07:58 - 000000000 _____ () C:\Users\User007\AppData\Roaming\Logs
2015-12-13 19:32 - 2015-12-13 19:32 - 000000000 ___SH () C:\Users\User007\AppData\Local\LumaEmu
2016-09-10 13:02 - 2016-09-10 13:05 - 000029696 _____ () C:\Users\User007\AppData\Local\MSGBOX.EXE
2018-09-29 08:30 - 2018-09-29 08:30 - 000000000 _____ () C:\Users\User007\AppData\Local\oobelibMkey.log

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 23
Average :
Sum : 5259826
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

HKU\S-1-5-21-1792867000-701808982-2087714082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0e95de25-1aa2-11e6-adab-d8cb8a536b99} => removed successfully
HKLM\Software\Classes\CLSID\{0e95de25-1aa2-11e6-adab-d8cb8a536b99} => not found
HKU\S-1-5-21-1792867000-701808982-2087714082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1713147a-904a-11e5-86b2-d8cb8a536b99} => removed successfully
HKLM\Software\Classes\CLSID\{1713147a-904a-11e5-86b2-d8cb8a536b99} => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
ALSysIO => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz137 => removed successfully
cpuz137 => service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\User007\AppData\Roaming\Logs => moved successfully
C:\Users\User007\AppData\Local\LumaEmu => moved successfully
C:\Users\User007\AppData\Local\MSGBOX.EXE => moved successfully
C:\Users\User007\AppData\Local\oobelibMkey.log => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19207580 B
Java, Flash, Steam htmlcache => 1169 B
Windows/system/drivers => 40178969 B
Edge => 0 B
Chrome => 0 B
Firefox => 1106291033 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
User007 => 100213449 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:54:23 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive check

#9 Post by Conder »

:arrow: I recommend installing all important updates via Windows Update.

:arrow: Otherwise it looks OK. Are there any problems with the PC?

kcobain
Visitor
Posts: 145
Registered: 20 Apr 2008 08:47

Re: Request for a preventive check

#10 Post by kcobain »

I have automatic Windows updates turned off; it still found something, so I installed it. Otherwise, video playback has improved noticeably, and overall it looks OK.

I also ran an Avast scan and everything is OK.

I'd just have one question: should I use CCleaner for maintenance, or pay for Avast's own Cleaner? But it probably does the same job, right?

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive check

#11 Post by Conder »

:arrow: In my opinion CCleaner is more than sufficient (by the way, CCleaner is developed by Piriform, which was bought by Avast).

:arrow: If there are no more problems, let's clean up after the tools we used:

kcobain
Visitor
Posts: 145
Registered: 20 Apr 2008 08:47

Re: Request for a preventive check

#12 Post by kcobain »

OK, understood, I didn't know Avast had gobbled it up. I'll keep sticking with it.

Also, DelFix has been run and it deleted the files from the desktop, so I'm mainly glad the computer is clean, and if that's everything, thanks a lot for your help and your time ;)))

Take care and have a nice day :fez:

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive check

#13 Post by Conder »

You're welcome, glad I could help :)