exinariuminix.info

#1 Post by Echo »

Good day,
After I turn on the PC, a Firefox browser window opens on its own and loads the page "exinariuminix.info", which redirects me to some advertisement.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by ivan (administrator) on DESKTOP-E4OH46O (Micro-Star International Co., Ltd. MS-7B24) (04-03-2021 17:02:47)
Running from C:\Users\ivanj\Desktop
Loaded Profiles: ivan
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alcohol Soft -> Alcohol Soft Development Team) C:\Users\Public\Documents\AxPortable\AxSCSIServiceEx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Prolific Technology Inc.) [File not signed] C:\Windows\SysWOW64\IoctlSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe <2>
(Seznam.cz, a.s. -> ) [File not signed] C:\Program Files (x86)\Seznam.cz\postak.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftPerfect Pty. Ltd. -> SoftPerfect) C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-05-30] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [WiFi Guard] => C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe [5853144 2021-01-13] (SoftPerfect Pty. Ltd. -> SoftPerfect)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [Seznam Postak] => C:\Program Files (x86)\Seznam.cz\postak.exe [462104 2010-05-05] (Seznam.cz, a.s. -> ) [File not signed]
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [ivan] => explorer.exe hxxp://exinariuminix.info <==== ATTENTION
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-05-13] (pdfforge GmbH) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-05-30]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1D0F104C-6F75-4C91-A335-ED0D814DB46D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {46D3D70B-F15B-4F76-96E4-D6E34BD854D8} - System32\Tasks\ivan => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v ivan /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== ATTENTION
Task: {60F50EFD-C857-4FA4-BC27-37C79113BE61} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {710A365B-AF6C-4473-ADCE-DF63502E2E24} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {73BB5F86-4354-4A79-AD8F-D76E06BD7173} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {83ACCA9F-6A57-4389-AD5A-B0FEED223B66} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {92B1038D-F711-4523-ADD3-9EC4E1B201B3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3051675322-3551737400-481905787-500 => C:\Users\ivanj\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9390C3F0-EAD1-4903-8558-96BECBB1FE02} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {F0FFDC28-CF72-412A-BE94-B58219DF7579} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{7d8813ae-5733-4ba6-a753-8e6534c08419}: [DhcpNameServer] 217.23.254.124 217.23.254.125

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ivanj\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-04]
Edge HomePage: Default -> hxxps://www.google.sk/
Edge StartupUrls: Default -> "hxxps://www.google.sk/"

FireFox:
========
FF DefaultProfile: tsk9d0pt.default
FF DefaultProfile: z86k4i4j.default
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\tsk9d0pt.default [2021-03-03]
FF NewTab: Mozilla\Firefox\Profiles\tsk9d0pt.default -> hxxps://securesearch.org/homepage?hp=2&pId=PF170501&iDate=2020-11-14 03:50:00&bName=
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651 [2021-03-04]
FF Homepage: Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651 -> hxxps://www.google.sk/
FF Extension: (WebRTC Leak Shield) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\@webrtc-leak-shield.xpi [2021-03-03]
FF Extension: (HTTPS Everywhere) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\https-everywhere@eff.org.xpi [2021-03-03]
FF Extension: (uBlock Origin) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\uBlock0@raymondhill.net.xpi [2021-03-03]
FF Extension: (MyIP - Host IP, ISP and DNS) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\{2472aa5a-d3b5-4415-ba63-db98427d4a01}.xpi [2021-03-03]
FF Extension: (ImTranslator: Prekladač, Slovník, Služba prevodu textu na reč) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-03-03]
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\z86k4i4j.default [2020-05-13]
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default [2020-06-21]
FF Homepage: FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default -> about:blank
FF NetworkProxy: FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default -> backup.ftp", "62.213.14.166"
FF Extension: (WebRTC Leak Shield) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\@webrtc-leak-shield.xpi [2020-05-13]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-05-13]
FF Extension: (HTTPS Everywhere) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\https-everywhere@eff.org.xpi [2020-05-22]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-05-13]
FF Extension: (uBlock Origin) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\uBlock0@raymondhill.net.xpi [2020-05-28]
FF Extension: (MyIP - Host IP, ISP and DNS) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\{2472aa5a-d3b5-4415-ba63-db98427d4a01}.xpi [2020-05-13]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-06-06]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 AxVirtualSCSISrv; C:\Users\Public\Documents\AxPortable\AxSCSIServiceEx.exe [294864 2015-04-01] (Alcohol Soft -> Alcohol Soft Development Team)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-05-30] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
S3 VBoxSDS; D:\Programove subory (instalovane)\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R3 axscsibus; C:\WINDOWS\System32\drivers\axscsibus.sys [30352 2021-02-14] (Disc Soft Ltd -> Alcohol Soft Development Team)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-05-14] (SoftEther Corporation -> SoftEther Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2020-05-30] (SoftEther Corporation -> SoftEther Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174024 2020-07-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-04 17:02 - 2021-03-04 17:03 - 000017916 _____ C:\Users\ivanj\Desktop\FRST.txt
2021-03-04 17:02 - 2021-03-04 17:03 - 000000000 ____D C:\FRST
2021-03-04 17:02 - 2021-03-04 17:02 - 002301440 _____ (Farbar) C:\Users\ivanj\Desktop\FRST64.exe
2021-03-03 18:00 - 2021-03-03 18:00 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\Subtitle Edit
2021-03-03 17:57 - 2021-02-23 16:31 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-23 17:30 - 2021-03-03 17:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-23 16:31 - 2021-02-23 16:31 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-22 17:24 - 2021-02-22 17:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-14 11:00 - 2021-02-14 11:00 - 000030352 _____ (Alcohol Soft Development Team) C:\WINDOWS\system32\Drivers\axscsibus.sys
2021-02-14 11:00 - 2021-02-14 11:00 - 000000000 ____D C:\ProgramData\Documents\AxPortable
2021-02-13 08:45 - 2021-02-13 08:45 - 000003558 _____ C:\WINDOWS\system32\Tasks\ivan
2021-02-13 08:10 - 2021-02-13 08:23 - 000000000 ____D C:\Users\ivanj\AppData\Local\ArmA 2
2021-02-12 18:39 - 2021-02-12 18:40 - 000000000 ____D C:\Users\ivanj\AppData\Local\ArmA 2 OA
2021-02-12 18:34 - 2021-02-12 18:34 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2021-02-10 07:17 - 2021-02-10 07:17 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 07:17 - 2021-02-10 07:17 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-06 12:14 - 2021-02-06 12:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-06 12:14 - 2021-02-06 12:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-06 12:14 - 2021-02-06 12:14 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-04 17:02 - 2020-05-12 18:28 - 000000000 ____D C:\Users\ivanj\AppData\LocalLow\Mozilla
2021-03-04 17:02 - 2020-05-12 18:28 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-04 16:58 - 2020-05-29 17:33 - 000000000 ____D C:\Program Files\CCleaner
2021-03-04 16:56 - 2020-08-29 07:37 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 16:56 - 2020-08-29 07:37 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 20:04 - 2019-12-10 19:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-03 20:03 - 2020-05-31 08:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-03 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-03 18:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-03 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-03 18:02 - 2020-07-27 18:36 - 000000000 ____D C:\Users\ivanj\.VirtualBox
2021-03-03 18:02 - 2020-07-27 18:36 - 000000000 ____D C:\ProgramData\VirtualBox
2021-03-03 18:02 - 2020-05-31 08:14 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-03 18:02 - 2020-05-14 16:09 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\CodeBlocks
2021-03-03 18:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-03 18:01 - 2020-05-14 18:49 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\HandBrake
2021-03-03 17:59 - 2020-05-12 18:31 - 000000000 ____D C:\ProgramData\Avast Software
2021-03-03 17:59 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-03 17:57 - 2020-05-31 08:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-03 17:57 - 2020-05-31 08:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-03 17:57 - 2020-05-31 07:42 - 000000000 ____D C:\Users\ivanj
2021-03-03 17:57 - 2020-05-14 16:02 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2021-03-03 17:57 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-03 17:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-03 17:56 - 2020-05-31 08:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-03 17:54 - 2020-05-23 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-03-03 17:54 - 2020-05-23 17:13 - 000000000 ____D C:\Program Files\CPUID
2021-03-03 17:54 - 2020-05-22 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\evlr
2021-03-03 17:54 - 2020-05-22 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Video Logo Remover
2021-03-03 17:54 - 2020-05-22 16:19 - 000000000 ____D C:\Program Files (x86)\Easy Video Logo Remover
2021-03-03 17:54 - 2020-05-16 09:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-03 17:54 - 2020-05-13 16:48 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\GHISLER
2021-03-03 17:54 - 2020-05-13 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2021-03-03 17:54 - 2020-05-13 16:14 - 000000000 ____D C:\Program Files\Subtitle Edit
2021-03-03 17:54 - 2020-05-12 18:33 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-03-03 17:54 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-03-03 17:54 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\system32\sk
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-03 17:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-03 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-03 17:36 - 2020-05-12 18:28 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\Mozilla
2021-03-01 17:32 - 2020-05-30 17:01 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\MPC-HC
2021-02-28 05:50 - 2020-05-13 16:26 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-27 05:15 - 2020-08-29 07:37 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-26 18:01 - 2020-05-30 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-02-26 18:01 - 2020-05-30 17:00 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2021-02-24 16:44 - 2020-06-20 15:27 - 000000000 ____D C:\Users\ivanj\AppData\Local\ElevatedDiagnostics
2021-02-23 17:30 - 2020-05-16 09:41 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-23 16:32 - 2020-10-24 06:17 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-23 16:32 - 2020-05-12 18:33 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-21 19:09 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-21 14:47 - 2020-06-08 17:10 - 000001714 _____ C:\Users\ivanj\Desktop\CMD.lnk
2021-02-21 08:17 - 2020-05-14 18:32 - 000000000 ____D C:\Users\ivanj\AppData\Local\D3DSCache
2021-02-20 19:19 - 2019-12-10 19:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-19 16:35 - 2020-06-27 06:29 - 000001062 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-19 16:34 - 2020-05-31 08:15 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-13 18:18 - 2020-05-14 15:56 - 000000000 ____D C:\Users\ivanj\AppData\Local\CrashDumps
2021-02-12 04:37 - 2019-07-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 17:41 - 2020-05-31 08:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 07:25 - 2020-05-31 08:09 - 000449984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 07:02 - 2020-05-13 15:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 07:00 - 2020-05-13 15:56 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 15:58 - 2020-05-16 07:35 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\vlc
2021-02-06 12:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-03 17:32 - 2020-05-30 16:55 - 000000000 ____D C:\Program Files\MKVToolNix

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


................................................................................................................................................

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by ivan (04-03-2021 17:04:41)
Running from C:\Users\ivanj\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-05-31 07:15:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3051675322-3551737400-481905787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3051675322-3551737400-481905787-503 - Limited - Disabled)
Guest (S-1-5-21-3051675322-3551737400-481905787-501 - Limited - Disabled)
ivan (S-1-5-21-3051675322-3551737400-481905787-1002 - Administrator - Enabled) => C:\Users\ivanj
WDAGUtilityAccount (S-1-5-21-3051675322-3551737400-481905787-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CodeBlocks (HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\CodeBlocks) (Version: 20.03 - The Code::Blocks Team)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
Easy Video Logo Remover version Easy Video Logo Remover (HKLM-x32\...\Easy Video Logo Remover_is1) (Version: Easy Video Logo Remover - dandans)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
K-Lite Codec Pack 16.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.0.5 - KLCP)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
MKVToolNix 54.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 54.0.0 - Moritz Bunkus)
Mozilla Firefox 86.0 (x64 sk) (HKLM\...\Mozilla Firefox 86.0 (x64 sk)) (Version: 86.0 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 sk)) (Version: 45.8.0 - Mozilla)
Nero 7 Premium (HKLM-x32\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711051}) (Version: 7.03.1151 - Nero AG)
NVIDIA Grafický ovládač 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.45.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.45.831.832 - NVIDIA Corporation)
Oracle VM VirtualBox 6.1.18 (HKLM\...\{A8F42E56-8D1F-4080-BD79-8375D3AD18BE}) (Version: 6.1.18 - Oracle Corporation)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH)
PhotoFiltre 7 (HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\PhotoFiltre 7) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.) (HKLM-x32\...\szn-software-postak) (Version: - )
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
SoftPerfect WiFi Guard version 2.1.4 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.1.4 - SoftPerfect)
Subtitle Edit 3.6.0 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.0.0 - Nikse)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.2.36.0_x86__kgqvnymyfvs32 [2021-03-03] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.53.5.0_x86__kgqvnymyfvs32 [2021-03-03] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2021-03-03] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-03-03] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> [CC]{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCP71.dll
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCR71.dll
2020-05-13 16:21 - 2020-05-13 16:21 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2020-05-13 18:24 - 2010-05-05 10:33 - 001117464 _____ (Seznam.cz, a.s. -> ) [File not signed] C:\Program Files (x86)\Seznam.cz\core.2.dll
2020-05-13 18:24 - 2010-05-05 10:33 - 000824600 _____ (Seznam.cz, a.s. -> ) [File not signed] C:\Program Files (x86)\Seznam.cz\email.2.dll
2020-11-21 14:42 - 2019-05-31 17:23 - 002287616 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\SoftPerfect WiFi Guard\libeay32.dll
2020-11-21 14:42 - 2019-05-31 17:23 - 000386560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\SoftPerfect WiFi Guard\ssleay32.dll
2020-05-30 16:57 - 2020-05-30 16:57 - 005833216 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Ukazatel S-Rank -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files (x86)\Seznam.cz\core.2.dll [2010-05-05] (Seznam.cz, a.s. -> ) [File not signed]

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VPN - VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19F8160B-90D7-4120-806F-364E9B4AF616}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65D0E801-C7AD-42FC-9FF9-717CCB4A51DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{09302C2E-6D6F-4DA3-8106-0683E46BEC6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EB566B9-0755-4E20-AC02-8FE3B9F505CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C30CD23-B1E4-469F-BF17-919FCB833D24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{00DB229B-2F9E-45AC-8288-EE3AC8AF3174}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E152799B-405E-4E96-BEC4-0E5639181F35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79CD80F4-A288-48BC-AECF-D8761CB08191}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0EFDF74F-FB96-4B44-BCCE-3ABAF0B5436F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B92F6F1C-6F96-4803-B331-784AD541A7FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

03-03-2021 18:52:54 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther Corporation
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2021 06:26:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (03/03/2021 05:57:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba ESENT: -550.

Error: (03/03/2021 05:57:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3488,R,98) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU02C04.log.

Error: (03/02/2021 07:03:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (03/02/2021 06:34:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (03/01/2021 06:14:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (02/22/2021 05:42:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (02/15/2021 04:45:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (03/03/2021 06:46:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (03/03/2021 05:59:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent bola ukončená s nasledujúcou chybou služby:
%%3758213661

Error: (03/03/2021 05:59:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent bola ukončená s nasledujúcou chybou služby:
%%3758213661

Error: (03/03/2021 05:57:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:53:03 on ‎28. ‎2. ‎2021 was unexpected.

Error: (03/03/2021 05:26:00 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (03/03/2021 05:26:00 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (03/03/2021 05:26:00 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (03/03/2021 05:25:09 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-E4OH46O)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


Windows Defender:
================
Date: 2021-03-02 18:34:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-01 18:14:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-28 06:43:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-27 05:50:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-26 16:39:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-03 17:57:06
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===============
Date: 2021-03-03 17:59:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-03 17:56:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\dfsc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-03 17:56:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cimfs.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-03 17:27:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-03 17:26:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. A.60 03/25/2019
Motherboard: Micro-Star International Co., Ltd. B360M PRO-VDH (MS-7B24)
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 19%
Total physical RAM: 16318.52 MB
Available physical RAM: 13209.42 MB
Total Virtual: 18750.52 MB
Available Virtual: 14279.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.58 GB) (Free:149.06 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:893.14 GB) NTFS

\\?\Volume{881bf1b5-0000-0000-0000-100000000000}\ (system) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{881bf1b5-0000-0000-0000-60c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 881BF1B5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: ED8944E0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118278
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: exinariuminix.info

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: exinariuminix.info

#3 Post by Echo »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-04-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\Software\Seznam.cz
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Classes\TypeLib\{DF2BBE39-40A8-433B-A279-073F48DA94B6}
Deleted HKLM\Software\Wow6432Node\Seznam.cz
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{DF2BBE39-40A8-433B-A279-073F48DA94B6}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1824 octets] - [04/03/2021 18:12:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Re: exinariuminix.info

#4 Post by Rudy »

Post new FRST+Addition logs.

Echo
Exemplary visitor
Posts: 64
Registered: 10 Jan 2009 09:27

Re: exinariuminix.info

#5 Post by Echo »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by ivan (administrator) on DESKTOP-E4OH46O (Micro-Star International Co., Ltd. MS-7B24) (04-03-2021 18:52:39)
Running from C:\Users\ivanj\Desktop
Loaded Profiles: ivan
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-05-30] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [WiFi Guard] => C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe [5853144 2021-01-13] (SoftPerfect Pty. Ltd. -> SoftPerfect)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [Seznam Postak] => "C:\Program Files (x86)\Seznam.cz\postak.exe" -s
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [ivan] => explorer.exe hxxp://exinariuminix.info <==== ATTENTION
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-05-13] (pdfforge GmbH) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-05-30]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1D0F104C-6F75-4C91-A335-ED0D814DB46D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {46D3D70B-F15B-4F76-96E4-D6E34BD854D8} - System32\Tasks\ivan => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v ivan /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== ATTENTION
Task: {60F50EFD-C857-4FA4-BC27-37C79113BE61} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {710A365B-AF6C-4473-ADCE-DF63502E2E24} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {73BB5F86-4354-4A79-AD8F-D76E06BD7173} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {83ACCA9F-6A57-4389-AD5A-B0FEED223B66} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {92B1038D-F711-4523-ADD3-9EC4E1B201B3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3051675322-3551737400-481905787-500 => C:\Users\ivanj\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9390C3F0-EAD1-4903-8558-96BECBB1FE02} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {F0FFDC28-CF72-412A-BE94-B58219DF7579} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{7d8813ae-5733-4ba6-a753-8e6534c08419}: [DhcpNameServer] 217.23.254.124 217.23.254.125

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ivanj\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-04]
Edge HomePage: Default -> hxxps://www.google.sk/
Edge StartupUrls: Default -> "hxxps://www.google.sk/"

FireFox:
========
FF DefaultProfile: tsk9d0pt.default
FF DefaultProfile: z86k4i4j.default
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\tsk9d0pt.default [2021-03-03]
FF NewTab: Mozilla\Firefox\Profiles\tsk9d0pt.default -> hxxps://securesearch.org/homepage?hp=2&pId=PF170501&iDate=2020-11-14 03:50:00&bName=
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651 [2021-03-04]
FF Homepage: Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651 -> hxxps://www.google.sk/
FF Extension: (WebRTC Leak Shield) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\@webrtc-leak-shield.xpi [2021-03-03]
FF Extension: (HTTPS Everywhere) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\https-everywhere@eff.org.xpi [2021-03-03]
FF Extension: (uBlock Origin) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\uBlock0@raymondhill.net.xpi [2021-03-03]
FF Extension: (MyIP - Host IP, ISP and DNS) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\{2472aa5a-d3b5-4415-ba63-db98427d4a01}.xpi [2021-03-03]
FF Extension: (ImTranslator: Prekladač, Slovník, Služba prevodu textu na reč) - C:\Users\ivanj\AppData\Roaming\Mozilla\Firefox\Profiles\ntzimsgo.default-release-1589618467651\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-03-03]
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\z86k4i4j.default [2020-05-13]
FF ProfilePath: C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default [2020-06-21]
FF Homepage: FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default -> about:blank
FF NetworkProxy: FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default -> backup.ftp", "62.213.14.166"
FF Extension: (WebRTC Leak Shield) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\@webrtc-leak-shield.xpi [2020-05-13]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-05-13]
FF Extension: (HTTPS Everywhere) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\https-everywhere@eff.org.xpi [2020-05-22]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-05-13]
FF Extension: (uBlock Origin) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\uBlock0@raymondhill.net.xpi [2020-05-28]
FF Extension: (MyIP - Host IP, ISP and DNS) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\{2472aa5a-d3b5-4415-ba63-db98427d4a01}.xpi [2020-05-13]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\ivanj\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\jpk8y0qa.default-default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-06-06]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
S2 AxVirtualSCSISrv; C:\Users\Public\Documents\AxPortable\AxSCSIServiceEx.exe [294864 2015-04-01] (Alcohol Soft -> Alcohol Soft Development Team)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-05-30] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
S3 VBoxSDS; D:\Programove subory (instalovane)\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R3 axscsibus; C:\WINDOWS\System32\drivers\axscsibus.sys [30352 2021-02-14] (Disc Soft Ltd -> Alcohol Soft Development Team)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-05-14] (SoftEther Corporation -> SoftEther Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2020-05-30] (SoftEther Corporation -> SoftEther Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174024 2020-07-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-04 18:52 - 2021-03-04 18:52 - 000016912 _____ C:\Users\ivanj\Desktop\FRST.txt
2021-03-04 18:51 - 2021-03-04 17:02 - 002301440 _____ (Farbar) C:\Users\ivanj\Desktop\FRST64.exe
2021-03-04 18:12 - 2021-03-04 18:12 - 000000000 ____D C:\AdwCleaner
2021-03-04 18:11 - 2021-03-04 18:11 - 008463216 _____ (Malwarebytes) C:\Users\ivanj\Desktop\AdwCleaner.exe
2021-03-04 17:18 - 2021-03-04 17:18 - 000031801 _____ C:\Users\ivanj\Desktop\FRST2.txt
2021-03-04 17:13 - 2021-03-04 17:13 - 000028104 _____ C:\Users\ivanj\Desktop\Addition2.txt
2021-03-04 17:04 - 2021-03-04 17:05 - 000029005 _____ C:\Users\ivanj\Desktop\Addition1.txt
2021-03-04 17:02 - 2021-03-04 18:52 - 000000000 ____D C:\FRST
2021-03-04 17:02 - 2021-03-04 17:05 - 000031801 _____ C:\Users\ivanj\Desktop\FRST1.txt
2021-03-03 18:00 - 2021-03-03 18:00 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\Subtitle Edit
2021-03-03 17:57 - 2021-02-23 16:31 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-23 17:30 - 2021-03-03 17:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-23 16:31 - 2021-02-23 16:31 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-22 17:24 - 2021-02-22 17:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-14 11:00 - 2021-02-14 11:00 - 000030352 _____ (Alcohol Soft Development Team) C:\WINDOWS\system32\Drivers\axscsibus.sys
2021-02-14 11:00 - 2021-02-14 11:00 - 000000000 ____D C:\ProgramData\Documents\AxPortable
2021-02-13 08:45 - 2021-02-13 08:45 - 000003558 _____ C:\WINDOWS\system32\Tasks\ivan
2021-02-13 08:10 - 2021-02-13 08:23 - 000000000 ____D C:\Users\ivanj\AppData\Local\ArmA 2
2021-02-12 18:39 - 2021-02-12 18:40 - 000000000 ____D C:\Users\ivanj\AppData\Local\ArmA 2 OA
2021-02-12 18:34 - 2021-02-12 18:34 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2021-02-10 07:17 - 2021-02-10 07:17 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 07:17 - 2021-02-10 07:17 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-06 12:14 - 2021-02-06 12:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-06 12:14 - 2021-02-06 12:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-06 12:14 - 2021-02-06 12:14 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-04 18:52 - 2020-05-12 18:28 - 000000000 ____D C:\Users\ivanj\AppData\LocalLow\Mozilla
2021-03-04 18:52 - 2020-05-12 18:28 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-04 18:20 - 2020-05-31 08:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-04 18:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-04 18:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-04 18:13 - 2020-05-14 16:02 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2021-03-04 18:13 - 2019-12-10 19:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-04 18:04 - 2020-05-29 17:33 - 000000000 ____D C:\Program Files\CCleaner
2021-03-04 17:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-04 16:56 - 2020-08-29 07:37 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 16:56 - 2020-08-29 07:37 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 18:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-03 18:02 - 2020-07-27 18:36 - 000000000 ____D C:\Users\ivanj\.VirtualBox
2021-03-03 18:02 - 2020-07-27 18:36 - 000000000 ____D C:\ProgramData\VirtualBox
2021-03-03 18:02 - 2020-05-31 08:14 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-03 18:02 - 2020-05-14 16:09 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\CodeBlocks
2021-03-03 18:01 - 2020-05-14 18:49 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\HandBrake
2021-03-03 17:59 - 2020-05-12 18:31 - 000000000 ____D C:\ProgramData\Avast Software
2021-03-03 17:59 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-03 17:57 - 2020-05-31 08:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-03 17:57 - 2020-05-31 08:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-03 17:57 - 2020-05-31 07:42 - 000000000 ____D C:\Users\ivanj
2021-03-03 17:57 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-03 17:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-03 17:56 - 2020-05-31 08:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-03 17:54 - 2020-05-23 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-03-03 17:54 - 2020-05-23 17:13 - 000000000 ____D C:\Program Files\CPUID
2021-03-03 17:54 - 2020-05-22 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\evlr
2021-03-03 17:54 - 2020-05-22 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Video Logo Remover
2021-03-03 17:54 - 2020-05-22 16:19 - 000000000 ____D C:\Program Files (x86)\Easy Video Logo Remover
2021-03-03 17:54 - 2020-05-16 09:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-03 17:54 - 2020-05-13 16:48 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\GHISLER
2021-03-03 17:54 - 2020-05-13 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2021-03-03 17:54 - 2020-05-13 16:14 - 000000000 ____D C:\Program Files\Subtitle Edit
2021-03-03 17:54 - 2020-05-12 18:33 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-03 17:54 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-03-03 17:54 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-03-03 17:54 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\system32\sk
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-03 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-03 17:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-03 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-03 17:36 - 2020-05-12 18:28 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\Mozilla
2021-03-01 17:32 - 2020-05-30 17:01 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\MPC-HC
2021-02-28 05:50 - 2020-05-13 16:26 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-27 05:15 - 2020-08-29 07:37 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-26 18:01 - 2020-05-30 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-02-26 18:01 - 2020-05-30 17:00 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2021-02-24 16:44 - 2020-06-20 15:27 - 000000000 ____D C:\Users\ivanj\AppData\Local\ElevatedDiagnostics
2021-02-23 17:30 - 2020-05-16 09:41 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-23 16:32 - 2020-10-24 06:17 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-23 16:32 - 2020-05-12 18:33 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-23 16:31 - 2020-05-12 18:33 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-21 19:09 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-21 14:47 - 2020-06-08 17:10 - 000001714 _____ C:\Users\ivanj\Desktop\CMD.lnk
2021-02-21 08:17 - 2020-05-14 18:32 - 000000000 ____D C:\Users\ivanj\AppData\Local\D3DSCache
2021-02-20 19:19 - 2019-12-10 19:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-19 16:35 - 2020-06-27 06:29 - 000001062 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-19 16:34 - 2020-05-31 08:15 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-13 18:18 - 2020-05-14 15:56 - 000000000 ____D C:\Users\ivanj\AppData\Local\CrashDumps
2021-02-12 04:37 - 2019-07-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 17:41 - 2020-05-31 08:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 07:25 - 2020-05-31 08:09 - 000449984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 07:02 - 2020-05-13 15:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 07:00 - 2020-05-13 15:56 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 15:58 - 2020-05-16 07:35 - 000000000 ____D C:\Users\ivanj\AppData\Roaming\vlc
2021-02-06 12:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-03 17:32 - 2020-05-30 16:55 - 000000000 ____D C:\Program Files\MKVToolNix

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

..............................................................................................................................................................................


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by ivan (04-03-2021 18:53:25)
Running from C:\Users\ivanj\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-05-31 07:15:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3051675322-3551737400-481905787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3051675322-3551737400-481905787-503 - Limited - Disabled)
Guest (S-1-5-21-3051675322-3551737400-481905787-501 - Limited - Disabled)
ivan (S-1-5-21-3051675322-3551737400-481905787-1002 - Administrator - Enabled) => C:\Users\ivanj
WDAGUtilityAccount (S-1-5-21-3051675322-3551737400-481905787-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CodeBlocks (HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\CodeBlocks) (Version: 20.03 - The Code::Blocks Team)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
Easy Video Logo Remover version Easy Video Logo Remover (HKLM-x32\...\Easy Video Logo Remover_is1) (Version: Easy Video Logo Remover - dandans)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
K-Lite Codec Pack 16.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.0.5 - KLCP)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
MKVToolNix 54.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 54.0.0 - Moritz Bunkus)
Mozilla Firefox 86.0 (x64 sk) (HKLM\...\Mozilla Firefox 86.0 (x64 sk)) (Version: 86.0 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 sk)) (Version: 45.8.0 - Mozilla)
Nero 7 Premium (HKLM-x32\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711051}) (Version: 7.03.1151 - Nero AG)
NVIDIA Grafický ovládač 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.45.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.45.831.832 - NVIDIA Corporation)
Oracle VM VirtualBox 6.1.18 (HKLM\...\{A8F42E56-8D1F-4080-BD79-8375D3AD18BE}) (Version: 6.1.18 - Oracle Corporation)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH)
PhotoFiltre 7 (HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\PhotoFiltre 7) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.) (HKLM-x32\...\szn-software-postak) (Version: - )
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
SoftPerfect WiFi Guard version 2.1.4 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.1.4 - SoftPerfect)
Subtitle Edit 3.6.0 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.0.0 - Nikse)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.2.36.0_x86__kgqvnymyfvs32 [2021-03-03] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.53.5.0_x86__kgqvnymyfvs32 [2021-03-03] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2021-03-03] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-03-03] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> [CC]{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-05-13 16:21 - 2020-05-13 16:21 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2020-05-30 16:57 - 2020-05-30 16:57 - 005833216 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Ukazatel S-Rank -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files (x86)\Seznam.cz\core.2.dll => No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VPN - VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19F8160B-90D7-4120-806F-364E9B4AF616}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65D0E801-C7AD-42FC-9FF9-717CCB4A51DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{09302C2E-6D6F-4DA3-8106-0683E46BEC6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EB566B9-0755-4E20-AC02-8FE3B9F505CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C30CD23-B1E4-469F-BF17-919FCB833D24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{00DB229B-2F9E-45AC-8288-EE3AC8AF3174}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E152799B-405E-4E96-BEC4-0E5639181F35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79CD80F4-A288-48BC-AECF-D8761CB08191}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0EFDF74F-FB96-4B44-BCCE-3ABAF0B5436F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B92F6F1C-6F96-4803-B331-784AD541A7FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

03-03-2021 18:52:54 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther Corporation
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2021 06:26:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (03/03/2021 05:57:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba ESENT: -550.

Error: (03/03/2021 05:57:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3488,R,98) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU02C04.log.

Error: (03/02/2021 07:03:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (03/02/2021 06:34:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (03/01/2021 06:14:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (02/22/2021 05:42:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (02/15/2021 04:45:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SoftEther VPN Client sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PLFlash DeviceIoControl Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Alcohol Virtual SCSI Controller Management Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/04/2021 06:12:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
================
Date: 2021-03-02 18:34:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-01 18:14:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-28 06:43:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-27 05:50:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-26 16:39:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-03 17:57:06
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===============
Date: 2021-03-03 17:59:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-03 17:56:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\dfsc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-03 17:56:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cimfs.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-03 17:27:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-03 17:26:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. A.60 03/25/2019
Motherboard: Micro-Star International Co., Ltd. B360M PRO-VDH (MS-7B24)
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 19%
Total physical RAM: 16318.52 MB
Available physical RAM: 13203.49 MB
Total Virtual: 18750.52 MB
Available Virtual: 14227.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.58 GB) (Free:148.23 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:893.13 GB) NTFS

\\?\Volume{881bf1b5-0000-0000-0000-100000000000}\ (system) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{881bf1b5-0000-0000-0000-60c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 881BF1B5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: ED8944E0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118278
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: exinariuminix.info

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [ivan] => explorer.exe hxxp://exinariuminix.info <==== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {46D3D70B-F15B-4F76-96E4-D6E34BD854D8} - System32\Tasks\ivan => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v ivan /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Cover Designer] -> [CC]{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> No File
BHO-x32: Ukazatel S-Rank -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files (x86)\Seznam.cz\core.2.dll => No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Echo
Exemplary visitor
Posts: 64
Registered: 10 Jan 2009 09:27

Re: exinariuminix.info

#7 Post by Echo »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by ivan (04-03-2021 20:09:55) Run:1
Running from C:\Users\ivanj\Desktop
Loaded Profiles: ivan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3051675322-3551737400-481905787-1002\...\Run: [ivan] => explorer.exe hxxp://exinariuminix.info <==== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {46D3D70B-F15B-4F76-96E4-D6E34BD854D8} - System32\Tasks\ivan => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v ivan /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Cover Designer] -> [CC]{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> No File
BHO-x32: Ukazatel S-Rank -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files (x86)\Seznam.cz\core.2.dll => No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3051675322-3551737400-481905787-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ivan" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{46D3D70B-F15B-4F76-96E4-D6E34BD854D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46D3D70B-F15B-4F76-96E4-D6E34BD854D8}" => removed successfully
C:\WINDOWS\System32\Tasks\ivan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ivan" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Cover Designer => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12847606 B
Java, Flash, Steam htmlcache => 1198 B
Windows/system/drivers => 8020773 B
Edge => 8192 B
Firefox => 1123360374 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
ivanj => 14506759 B

RecycleBin => 1222144 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:10:03 ====

Rudy
Site Admin
Posts: 118278
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: exinariuminix.info

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Echo
Exemplary visitor
Posts: 64
Registered: 10 Jan 2009 09:27

Re: exinariuminix.info

#9 Post by Echo »

Firefox no longer starts when the PC boots.
You helped me a lot, thank you.

Rudy
Site Admin
Posts: 118278
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: exinariuminix.info

#10 Post by Rudy »

You're welcome! :)

Locked