VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu, děkuji

https://forum.viry.cz:443/viewtopic.php?t=155069

Stránka 1 z 1

Prosím o kontrolu, děkuji

Napsal: 02 lis 2018 20:56
od muss45
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2018-11-02 20:54:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 203 GB (59%) free of 343 GB
Total RAM: 4095 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:54:35, on 2.11.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8434 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2548
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\iTunes\iTunesHelper.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k SDRSVC
Explorer.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f3106bf2-2799-4ca8-8f69-704b53b607f2 -SystemEventPortName:HostProcess-8e9b758f-7b50-4d36-8edb-ccf61edd2406 -IoCancelEventPortName:HostProcess-7cf2a188-1b0e-404d-b32e-bd4e29d1623c -NonStateChangingEventPortName:HostProcess-fa5c8f06-e731-49a0-85e2-33f6037fe008 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:22deaaf3-f3ad-46fc-accb-d4eafcaa0a5e -DeviceGroupId:WpdFsGroup
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5084.0.755096216\793745172" -parentBuildID 20181030165643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\Martin\AppData\LocalLow\Mozilla\Temp-{62756e60-205f-4170-bf31-62f7116cb1f7}" 5084 "\\.\pipe\gecko-crash-server-pipe.5084" 1212 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5084.3.1611005458\2056571363" -childID 1 -isForBrowser -prefsHandle 1860 -prefMapHandle 1856 -prefsLen 1 -prefMapSize 181143 -schedulerPrefs 0001,2 -parentBuildID 20181030165643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5084 "\\.\pipe\gecko-crash-server-pipe.5084" 1880 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5084.13.807382000\330253327" -childID 2 -isForBrowser -prefsHandle 2516 -prefMapHandle 2620 -prefsLen 150 -prefMapSize 181143 -schedulerPrefs 0001,2 -parentBuildID 20181030165643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5084 "\\.\pipe\gecko-crash-server-pipe.5084" 2632 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5084.27.407298680\211252968" -childID 4 -isForBrowser -prefsHandle 7540 -prefMapHandle 7700 -prefsLen 5572 -prefMapSize 181143 -schedulerPrefs 0001,2 -parentBuildID 20181030165643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5084 "\\.\pipe\gecko-crash-server-pipe.5084" 7648 tab

C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Martin\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\gbywkb37.default-1443874292075-1538953842943

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483]
"Description"=6.0.12.1483
"Path"=C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-10-23 242392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-07-06 298296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-04-26 17074688]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-02-20 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-29 8123936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\INSTAL~1\{E5CF6~1\NEWSHO~4.EXE [2012-02-20 156952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-09 6937216]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-10-23 07:28:21 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2018-10-23 07:27:43 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-11-02 20:54:35 ----D---- C:\Windows\Prefetch
2018-11-02 20:54:34 ----D---- C:\Program Files\Trend Micro
2018-11-02 20:53:11 ----D---- C:\Windows\temp
2018-11-02 20:37:18 ----SHD---- C:\Windows\Installer
2018-11-02 20:36:25 ----D---- C:\Windows\inf
2018-11-02 20:36:24 ----D---- C:\Windows\Minidump
2018-11-02 20:36:24 ----AD---- C:\Windows
2018-11-02 19:37:40 ----D---- C:\ProgramData\NVIDIA
2018-11-02 19:11:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-02 19:11:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2018-11-01 17:43:53 ----D---- C:\Windows\System32
2018-11-01 17:43:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-10-24 18:33:49 ----D---- C:\Windows\system32\drivers
2018-10-23 09:17:11 ----D---- C:\Windows\system32\Tasks
2018-10-23 09:17:11 ----D---- C:\Config.Msi
2018-10-23 09:16:01 ----D---- C:\Windows\SysWOW64
2018-10-03 18:22:43 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2012-02-20 35384]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-10-23 201928]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-10-23 346760]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-10-23 59664]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-10-23 88112]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-10-23 381144]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-10-23 201408]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-10-23 230512]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-10-23 185240]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-10-23 42456]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-10-23 111968]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-10-23 1028840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-10-23 467904]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-05 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-10-23 163376]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-10-23 208640]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-29 2005024]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-05-15 956416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-10-05 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-06-22 868848]
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-10-23 47064]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys []
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-09 24208]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2017-10-11 54784]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-07-05 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-10-23 325024]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-10-23 8188768]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-07-06 674104]
S2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14 335872]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08 164984]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-11-02 216528]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Re: Prosím o kontrolu, děkuji

Napsal: 03 lis 2018 15:36
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Prosím o kontrolu, děkuji

Napsal: 04 lis 2018 19:51
od muss45
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-04-2018
# Duration: 00:00:04
# OS: Windows 7 Home Premium
# Cleaned: 50
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Martin\AppData\Roaming\moters

***** [ Files ] *****

Deleted C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\e3b73d6e-1fb6-419e-84c6-263f7f02bb67
Deleted HKU\S-1-5-18\SOFTWARE\5208ad8bd34ee48
Deleted HKU\.DEFAULT\SOFTWARE\5208ad8bd34ee48
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6889259-B831-4EAD-A660-C1DE1EA235C}
Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKU\S-1-5-18\Software\IBUpdaterService
Deleted HKU\.DEFAULT\Software\IBUpdaterService
Deleted HKCU\Software\csastats
Deleted HKCU\Software\GotClip Downloader
Deleted HKCU\Software\ICSW1.23
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WorldofTanks
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Deleted HKLM\Software\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Deleted HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6695 octets] - [04/11/2018 19:45:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o kontrolu, děkuji

Napsal: 04 lis 2018 22:17
od Conder
:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Prosím o kontrolu, děkuji

Napsal: 05 lis 2018 09:20
od muss45
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Martin (administrator) on MARTIN-PC (05-11-2018 09:16:33)
Running from C:\Users\Martin\Downloads
Loaded Profiles: Martin (Available Profiles: Martin & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-23] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6937216 2009-10-09] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-26] (Piriform Ltd)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-03-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AFB9C3CA-8913-481D-9463-8BAA0A5EE415}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E0DD0618-C331-4E24-B280-908C13EC9066}: [DhcpNameServer] 89.187.192.121 77.95.42.102

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: gbywkb37.default-1443874292075-1538953842943
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\gbywkb37.default-1443874292075-1538953842943 [2018-11-05]
FF Homepage: Mozilla\Firefox\Profiles\gbywkb37.default-1443874292075-1538953842943 -> hxxps://www.seznam.cz/
FF Extension: (Avast Online Security) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\gbywkb37.default-1443874292075-1538953842943\Extensions\wrc@avast.com.xpi [2018-10-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-14] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-22] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-19] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Martin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-23] (AVAST Software)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-23] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-23] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-23] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-23] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-23] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-23] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-23] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-23] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-23] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-23] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-23] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-23] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-23] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-08-05] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [956416 2009-05-15] (DiBcom)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-06-22] (Duplex Secure Ltd.)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-05 09:16 - 2018-11-05 09:17 - 000013455 _____ C:\Users\Martin\Downloads\FRST.txt
2018-11-05 09:16 - 2018-11-05 09:16 - 000000000 ____D C:\FRST
2018-11-05 09:15 - 2018-11-05 09:16 - 002414592 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2018-11-04 19:43 - 2018-11-04 19:43 - 007592144 _____ (Malwarebytes) C:\Users\Martin\Downloads\adwcleaner_7.2.4.0.exe
2018-11-02 20:52 - 2018-11-02 20:52 - 001222144 _____ C:\Users\Martin\Downloads\RSITx64.exe
2018-11-01 18:19 - 2018-11-01 18:19 - 000459040 _____ C:\Users\Martin\Downloads\dárkový poukaz rogalo 190201.pdf
2018-11-01 18:19 - 2018-11-01 18:19 - 000456531 _____ C:\Users\Martin\Downloads\dárkový poukaz rogalo 190202.pdf
2018-10-23 09:07 - 2018-10-23 09:07 - 000269239 _____ C:\Users\Martin\Downloads\SFZP_ABC_5bced56c572e8.pdf
2018-10-23 07:28 - 2018-10-23 07:27 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-23 07:27 - 2018-10-23 07:27 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-13 09:05 - 2018-10-13 09:05 - 000626046 _____ C:\Users\Martin\Downloads\02011706320001_20180925023831.pdf
2018-10-10 07:49 - 2018-10-10 07:52 - 000000000 ____D C:\Users\Martin\Downloads\Marťas

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-05 09:16 - 2016-11-16 13:56 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2018-11-05 09:11 - 2018-06-08 13:32 - 000000000 ____D C:\Users\Martin\AppData\Local\AVAST Software
2018-11-05 09:09 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-05 09:08 - 2012-02-20 03:21 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-04 19:57 - 2009-07-14 05:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-04 19:57 - 2009-07-14 05:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-04 19:45 - 2014-09-10 21:59 - 000000000 ____D C:\AdwCleaner
2018-11-04 17:59 - 2009-07-14 06:08 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-02 20:54 - 2012-02-20 03:28 - 000000000 ____D C:\Program Files\Trend Micro
2018-11-02 20:36 - 2014-03-28 16:33 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2018-11-02 20:36 - 2012-04-09 16:41 - 000000000 ____D C:\Windows\Minidump
2018-11-02 20:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-02 19:11 - 2016-11-16 12:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-02 19:11 - 2013-05-28 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-02 17:23 - 2015-12-03 17:51 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-02 17:23 - 2015-05-17 09:56 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-02 15:53 - 2012-11-15 12:45 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Adobe
2018-11-01 17:43 - 2009-08-03 21:00 - 010366524 _____ C:\Windows\system32\perfh005.dat
2018-11-01 17:43 - 2009-08-03 21:00 - 003571634 _____ C:\Windows\system32\perfc005.dat
2018-11-01 17:43 - 2009-07-14 06:13 - 000006268 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-29 16:22 - 2018-06-08 13:33 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-29 16:22 - 2018-06-08 13:33 - 000002388 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-10-23 09:16 - 2015-10-31 18:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-23 07:28 - 2017-04-22 13:30 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-10-23 07:27 - 2018-01-05 17:57 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-10-23 07:27 - 2017-11-18 22:19 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-23 07:27 - 2017-04-22 13:30 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-10-23 07:27 - 2017-04-22 13:30 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-10-23 07:27 - 2017-04-22 13:30 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-10-23 07:27 - 2017-04-22 13:30 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-10-23 07:27 - 2014-08-01 14:53 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-23 07:27 - 2014-08-01 14:53 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-23 07:27 - 2013-11-20 22:59 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-23 07:27 - 2013-11-20 22:59 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-23 07:27 - 2012-02-26 09:40 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-23 07:27 - 2012-02-21 01:17 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-23 07:27 - 2012-02-21 01:17 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-23 07:27 - 2012-02-21 01:17 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-20 16:08 - 2012-03-28 20:14 - 000000126 ___SH C:\ProgramData\.zreglib
2018-10-10 07:51 - 2015-05-07 21:34 - 000000000 ____D C:\Users\Martin\Downloads\Nová složka
2018-10-10 07:43 - 2016-08-24 22:10 - 000000000 ____D C:\Users\Martin\Desktop\Školka

==================== Files in the root of some directories =======

2017-04-28 18:34 - 2017-04-28 18:34 - 000332856 _____ (www.Slovenčiny.Com) C:\Users\Martin\Uninstall NFSPS_SK.exe
2008-05-22 17:35 - 2008-05-22 17:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2013-08-05 13:53 - 2013-08-05 13:53 - 000081582 _____ () C:\Users\Martin\AppData\Roaming\zulagames.ico
2012-02-21 16:06 - 2014-04-21 11:45 - 000009216 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-06 22:10 - 2016-03-07 11:48 - 000029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2012-06-26 21:21 - 2013-11-03 01:22 - 000007598 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-22 15:01

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Martin (05-11-2018 09:17:39)
Running from C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-19 17:43:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-88772817-131360668-2424160999-500 - Administrator - Disabled)
Guest (S-1-5-21-88772817-131360668-2424160999-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-88772817-131360668-2424160999-1002 - Limited - Enabled)
Martin (S-1-5-21-88772817-131360668-2424160999-1000 - Administrator - Enabled) => C:\Users\Martin
UpdatusUser (S-1-5-21-88772817-131360668-2424160999-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Alcor Micro USB Card Reader (HKLM-x32\...\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
AliExpress version 1.1.0.5019 (HKLM-x32\...\70652e10-a720-11e6-bfea-d33ec8ab8d4f_is1) (Version: 1.1.0.5019 - )
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.24 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS_N_Series_Screensaver (HKLM-x32\...\ASUS_N_Series_Screensaver) (Version: - )
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0007 - ASUS)
Audioactive MP3 Decoder (HKLM-x32\...\Audioactive MP3 Decoder) (Version: - )
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.1 - Dolphin Development Team)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Express Gate (HKLM-x32\...\{865CD808-6D31-4269-9D36-693CFE75D26A}) (Version: 1.2.13.16 - DeviceVM, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: 1.2.0.0 - Релиз от R.G. Steamgames)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Free Mp3 Wma Converter V 1.81 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: - )
GameLoad 2.0.0 (HKLM-x32\...\{7FEA7AEB-C073-4687-B3E1-5282DFABAB56}_is1) (Version: 2.0.0 - Ant Media, s. r. o.)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iTunes (HKLM\...\{56E3752E-E2E6-4F7C-AC04-24BC03A78F09}) (Version: 12.8.0.150 - Apple Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.7 - PandoraTV)
MainConcept MCE Encoder 64bit (HKLM\...\{FE6B5787-597D-4618-A4AB-261AAED9B5FD}) (Version: 1.5.1.1 - MainConcept GmbH)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.1 (x64 cs)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MP3 To WMA Converter 1.00 (HKLM-x32\...\MP3 To WMA Converter_is1) (Version: - )
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{797808CA-1563-4EA0-A280-1371AC2F2310}) (Version: 1.3.0 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 54.0.2952.64 (HKLM-x32\...\Opera 54.0.2952.64) (Version: 54.0.2952.64 - Opera Software)
Operation Flashpoint ®: Red River (HKLM-x32\...\{434D083E-7E9A-4D3A-914B-121000008100}) (Version: 1.0.0000.129 - Codemasters) Hidden
Operation Flashpoint ®: Red River (HKLM-x32\...\GFWL_{434D083E-7E9A-4D3A-914B-121000008100}) (Version: 1.0.0000.129 - Codemasters)
Ovládací panel NVIDIA 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.97 - NVIDIA Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PhotoFiltre 7 (HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\PhotoFiltre 7) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
PPSSPP version 1.4.2 (HKLM-x32\...\PPSSPP_is1) (Version: 1.4.2 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
rajče průvodce verze 1.59.45.260 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Software (HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\SeznamInstall) (Version: - Seznam.cz)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1500 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version: - )
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.12 - ASUS)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: - )
WorldofWarships (HKLM-x32\...\WorldofWarships) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
ContextMenuHandlers1: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-30] (ASUSTek Computer Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2009-06-02] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-08-16] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-30] (ASUSTek Computer Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2009-06-02] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-08-16] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2009-06-02] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-08-16] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04E18B0D-0A2E-48DB-9139-5EF7CD477251} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {0C5A61E6-EA31-419F-89F8-4659290547AB} - System32\Tasks\GoogleUpdateTaskMachineUA1d2bf86f48783f1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {23BD3198-16EF-4375-AFE8-57982D359A59} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {49EB761C-0C71-4FF9-9DC0-A47CD640681E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08] (AVAST Software)
Task: {6B3CC773-3724-468B-86C4-8E257D96B15F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08] (AVAST Software)
Task: {9069B584-2487-4762-87D6-80D7559D5433} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-29] (AVAST Software)
Task: {9517B6A8-9BA1-4F88-B49F-3A28D1315739} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {A2852F53-7EDB-4E7F-98EE-DD5EE8B466BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-26] (Piriform Ltd)
Task: {A9A0FCCB-89AB-4D68-842A-6B6E1169EB53} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-23] (AVAST Software)
Task: {D1605E7D-DD66-4E4B-83F4-91E903091484} - System32\Tasks\SafeZone scheduled Autoupdate 1455452441 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {D961C52A-321D-48FB-9DCA-DAB5C5FE7613} - System32\Tasks\GoogleUpdateTaskMachineCore1d2bf86f2add21b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E0253F49-FD56-4FE9-8002-1718830FF6C5} - System32\Tasks\Opera scheduled Autoupdate 1416086142 => c:\program files (x86)\opera\launcher.exe [2018-07-25] (Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Martin\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=d0c0a288280c83b5ffcb124e48ed612745cce734
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WOW\WorldofWarships.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=772&aff_id=1034&aff_sub=100
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks\WorldofTanks.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=174&aff_id=1034
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=d0c0a288280c83b5ffcb124e48ed612745cce734
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=d0c0a288280c83b5ffcb124e48ed612745cce734
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=174&aff_id=1034
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofWarships.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=772&aff_id=1034&aff_sub=100

==================== Loaded Modules (Whitelisted) ==============

2012-09-27 22:05 - 2012-10-02 20:51 - 000086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-20 03:25 - 2007-08-08 09:08 - 000094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2007-06-15 19:28 - 2007-06-15 19:28 - 000104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-02 01:52 - 2007-06-02 01:52 - 000159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-23 07:27 - 2018-10-23 07:27 - 000730328 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2009-07-02 03:54 - 2009-07-02 03:54 - 000173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2016-02-12 22:13 - 2018-04-26 17:32 - 000083784 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-10-23 07:27 - 2018-10-23 07:27 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-10-23 07:27 - 2018-10-23 07:27 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-04 19:49 - 2018-11-04 19:49 - 005713040 _____ () C:\Program Files\AVAST Software\Avast\defs\18110406\algo.dll
2018-10-23 07:27 - 2018-10-23 07:27 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-10-23 07:27 - 2018-10-23 07:27 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-10-23 07:27 - 2018-10-23 07:27 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-05 09:10 - 2018-11-05 09:10 - 005713040 _____ () C:\Program Files\AVAST Software\Avast\defs\18110502\algo.dll
2018-03-13 12:24 - 2018-03-13 12:24 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-11-02 20:15 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-88772817-131360668-2424160999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{0583A2D6-D741-4B6E-9228-C297B4D0710A}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{5C9FF138-06D0-4151-B44C-CB16C4C0E45F}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{F9C9A0FA-04A4-4C14-B1C0-9240A3A9AFF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DA855C0D-CE46-4158-B09C-EC1CA63EF8C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3205E319-8E8C-46C6-8A07-AD6E84ECF27E}] => (Allow) C:\Users\Martin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{10E0C847-0E33-4C65-A530-463F6A0B4D0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1C143D5F-04CF-4678-AD71-9D7D271F266F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6E1DC11A-07AE-43C8-86E9-559ACB8120A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A73FD97D-DA1C-47C5-95CE-8ADC72B6B919}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93D6640F-DA64-478A-B039-9E3CA9957897}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{71CFD676-E4AB-496E-B737-B525DB2A8CD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{56BF8325-0660-4662-8938-E6B2BDCBC94C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FFE1D62B-8922-4520-9DB2-D7CDBC21555A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A1922374-BE06-44BE-A681-0AB9D17BE8E9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E3A5DB41-245B-442F-816B-F5DDF552BBB1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{3CCE1EB8-4B03-48C8-B945-CE20129300EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C50A7F8-47E5-434E-AB48-4F83CE22868A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9ADDF5A6-9DD1-41B3-A6AD-50706513AA42}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{26607A5C-7E1F-445B-9D25-BE41FD5B9C58}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AD726A20-4A66-45F1-AEF7-28FD59D6BDE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7C83769-7936-4A5E-8E9B-F701AAB15E52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A6EACC62-2A95-4FD7-ADEC-177497CD6DAC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [TCP Query User{B3404AD9-0688-4ADF-92AF-814E385FA343}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Block) C:\program files (x86)\wolfenstein - enemy territory\et.exe
FirewallRules: [UDP Query User{26925DF4-74AC-4069-9821-703420CF7ABA}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Block) C:\program files (x86)\wolfenstein - enemy territory\et.exe
FirewallRules: [{0D198F17-0552-4BBC-8B63-E82FCDA7799D}] => (Allow) C:\Program Files (x86)\Opera\54.0.2952.51\opera.exe
FirewallRules: [{7C45F07F-0ED1-4C52-AB28-715BE9FB3FEB}] => (Allow) c:\program files (x86)\opera\54.0.2952.64\opera.exe
FirewallRules: [{699400B5-15CF-4B60-8BFF-7CED36FF7B71}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ED9C1B7D-67B3-4BCF-88DE-0EE6021C0264}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{4BF22504-55E8-447A-A4C7-CBAC53B06E41}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{60D244E3-9741-410F-B0DF-B6F4BB39979B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4358E798-D294-4C0F-A988-BC103A0FF711}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2018 09:09:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.4.0, časové razítko: 0x4ab1aea2
Název chybujícího modulu: FBAgent.exe, verze: 1.0.4.0, časové razítko: 0x4ab1aea2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002c9a2
ID chybujícího procesu: 0x4dc
Čas spuštění chybující aplikace: 0x01d474ded063f4ec
Cesta k chybující aplikaci: C:\Windows\system32\FBAgent.exe
Cesta k chybujícímu modulu: C:\Windows\system32\FBAgent.exe
ID zprávy: 289a653b-e0d2-11e8-ab70-e0cb4e362246

Error: (11/04/2018 08:37:18 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/04/2018 07:48:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.4.0, časové razítko: 0x4ab1aea2
Název chybujícího modulu: FBAgent.exe, verze: 1.0.4.0, časové razítko: 0x4ab1aea2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002c9a2
ID chybujícího procesu: 0x514
Čas spuštění chybující aplikace: 0x01d4746eca722f2f
Cesta k chybující aplikaci: C:\Windows\system32\FBAgent.exe
Cesta k chybujícímu modulu: C:\Windows\system32\FBAgent.exe
ID zprávy: 34e2fbbe-e062-11e8-aaf8-e0cb4e362246

Error: (11/04/2018 07:37:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/04/2018 06:37:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/04/2018 06:09:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/04/2018 06:00:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.4.0, časové razítko: 0x4ab1aea2
Název chybujícího modulu: FBAgent.exe, verze: 1.0.4.0, časové razítko: 0x4ab1aea2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002c9a2
ID chybujícího procesu: 0x504
Čas spuštění chybující aplikace: 0x01d4745fc1a17e51
Cesta k chybující aplikaci: C:\Windows\system32\FBAgent.exe
Cesta k chybujícímu modulu: C:\Windows\system32\FBAgent.exe
ID zprávy: 219ed768-e053-11e8-9c39-e0cb4e362246

Error: (11/04/2018 04:37:18 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (11/05/2018 09:11:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (11/05/2018 09:11:41 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (11/05/2018 09:10:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (11/05/2018 09:10:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (11/05/2018 09:10:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (11/05/2018 09:10:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (11/05/2018 09:10:09 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.

Error: (11/05/2018 09:10:09 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.


Windows Defender:
===================================
Date: 2015-05-25 05:39:24.205
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{AE795944-3210-4E80-816E-DEDE6CCC0836}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-05-13 05:31:49.969
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B484E742-4F27-41B7-97E5-C36404C5E63D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-05-10 02:34:49.497
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070003
Popis chyby:Systém nemůže nalézt uvedenou cestu.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-05-10 02:34:49.497
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2015-02-13 16:20:45.871
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x8050a003
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2015-02-13 16:04:47.019
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x80070714
Popis chyby:Zadaný soubor bitové kopie neobsahuje oddíl prostředků.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-02-13 16:01:33.609
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze podpisu:1.191.4816.0
Verze modulu:1.1.11302.0

CodeIntegrity:
===================================

Date: 2015-12-23 23:57:28.968
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:47:30.970
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:47:00.567
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:46:30.184
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:45:56.897
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:45:26.451
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:44:53.099
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:44:22.662
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 4095.24 MB
Available physical RAM: 2572.57 MB
Total Virtual: 8188.66 MB
Available Virtual: 6797.57 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:334.6 GB) (Free:199.79 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Zaloha) (Fixed) (Total:131.16 GB) (Free:29.66 GB) NTFS
Drive h: () (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 232DB247)
Partition 1: (Active) - (Size=334.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=131.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím o kontrolu, děkuji

Napsal: 05 lis 2018 20:56
od Conder
:arrow: Ak nepouzivas, odporucam odinstalovat Seznam Software (Seznam Listicka).

:arrow: Napis, ci to tam chces nechat alebo odinstalovat, podla toho napisem este fixlist na upratanie, ale inak to v podstate vyzera OK.

Re: Prosím o kontrolu, děkuji

Napsal: 06 lis 2018 22:52
od muss45
Odinstalovat, nepoužívám. Děkuji.

Re: Prosím o kontrolu, děkuji

Napsal: 06 lis 2018 23:17
od Conder
:arrow: OK, skus "Seznam Software" najprv odinstalovat normalne. Ak to nepojde tak iba pokracuj na dalsi krok.

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Common Files\CPInstallAction.dll
File: C:\Program Files (x86)\Common Files\MSIactionall.dll
File: C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
File: :\Program Files\ATKGFNEX\GFNEXSrv.exe
Folder: C:\Windows\Minidump
ExportKey: HKEY_USERS\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Homepage: Mozilla\Firefox\Profiles\gbywkb37.default-1443874292075-1538953842943 -> hxxps://www.seznam.cz/
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
2017-04-28 18:34 - 2017-04-28 18:34 - 000332856 _____ (http://www.Slovenčiny.Com) C:\Users\Martin\Uninstall NFSPS_SK.exe
2016-03-06 22:10 - 2016-03-07 11:48 - 000029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE

C:\Program Files (x86)\Seznam.cz
C:\Users\Martin\AppData\Roaming\Seznam.cz
DeleteKey: HKEY_USERS\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Prosím o kontrolu, děkuji

Napsal: 08 lis 2018 23:34
od muss45
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Martin (08-11-2018 23:16:25) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Common Files\CPInstallAction.dll
File: C:\Program Files (x86)\Common Files\MSIactionall.dll
File: C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
File: :\Program Files\ATKGFNEX\GFNEXSrv.exe
Folder: C:\Windows\Minidump
ExportKey: HKEY_USERS\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: Mozilla\Firefox\Profiles\gbywkb37.default-1443874292075-1538953842943 -> hxxps://www.seznam.cz/
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
2017-04-28 18:34 - 2017-04-28 18:34 - 000332856 _____ (http://www.Sloven�iny.Com) C:\Users\Martin\Uninstall NFSPS_SK.exe
2016-03-06 22:10 - 2016-03-07 11:48 - 000029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE

C:\Program Files (x86)\Seznam.cz
C:\Users\Martin\AppData\Roaming\Seznam.cz
DeleteKey: HKEY_USERS\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 715
Average :
Sum : 4614615903
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Common Files\CPInstallAction.dll ========================

C:\Program Files (x86)\Common Files\CPInstallAction.dll
File not signed
MD5: 7AA777525EF1365A0C6921D1A9B6A384
Creation and modification date: 2009-04-08 19:31 - 2009-04-08 19:31
Size: 000106496
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/0fc14ab ... 441097815/

====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\MSIactionall.dll ========================

C:\Program Files (x86)\Common Files\MSIactionall.dll
File not signed
MD5: 75CB0BB7F02BC772BC8895913284867C
Creation and modification date: 2008-08-12 06:45 - 2008-08-12 06:45
Size: 000155648
Attributes: ----A
Company Name: ASUS
Internal Name: MSIactionall
Original Name: MSIactionall.DLL
Product: Custom Actions
Description: MSI Custom Actions
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 0
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/5c0391d ... 472620930/

====== End of File: ======


========================= File: C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe ========================

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
File not signed
MD5: C0BF554D2277F7A4C735D475ADE2E3B2
Creation and modification date: 2008-03-31 11:55 - 2008-03-31 11:55
Size: 000225280
Attributes: ----A
Company Name: ASUSTek Computer Inc.
Internal Name: ADSMSrv
Original Name: ADSMSrv.exe
Product: ADSMSrv
Description: ADSMSrv
File Version: 1, 3, 8, 106
Product Version: 1, 3, 8, 106
Copyright: All rights reserved.
VirusTotal: https://www.virustotal.com/file/58ed620 ... 494109630/

====== End of File: ======


========================= File: :\Program Files\ATKGFNEX\GFNEXSrv.exe ========================

":\Program Files\ATKGFNEX\GFNEXSrv.exe" => not found
====== End of File: ======


========================= Folder: C:\Windows\Minidump ========================


====== End of Folder: ======

================== ExportKey: ===================

[HKEY_USERS\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall]
"InstallLocation"="C:\Users\Martin\AppData\Roaming\Seznam.cz"
"DisplayName"="Seznam Software"
"DisplayIcon"="C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe,0"
"UninstallString"=""C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe" -X"
"ModifyPath"="C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe"
"Publisher"="Seznam.cz"
"URLInfoAbout"="http://software.seznam.cz"
"HelpLink"="http://napoveda.seznam.cz/cz/software.html"
"Comments"="Vsechny aplikace spolecnosti Seznam.cz a.s."
"NoRepair"="1"
"NoModify"="0"

=== End of ExportKey ===
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Firefox homepage" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483 => removed successfully
HKU\S-1-5-21-88772817-131360668-2424160999-1000\Software\MozillaPlugins\ubisoft.com/uplaypc => removed successfully
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => not found
HKLM\System\CurrentControlSet\Services\avast! Firewall => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully
AppMgmt => service removed successfully
HKLM\System\CurrentControlSet\Services\Bulk1528 => removed successfully
Bulk1528 => service removed successfully
HKLM\System\CurrentControlSet\Services\Ca1528av => removed successfully
Ca1528av => service removed successfully
HKLM\System\CurrentControlSet\Services\tmlwf => removed successfully
tmlwf => service removed successfully
HKLM\System\CurrentControlSet\Services\tmwfp => removed successfully
tmwfp => service removed successfully
C:\Users\Martin\Uninstall NFSPS_SK.exe => moved successfully
C:\Users\Martin\AppData\Local\MSGBOX.EXE => moved successfully
C:\Program Files (x86)\Seznam.cz => moved successfully
C:\Users\Martin\AppData\Roaming\Seznam.cz => moved successfully
HKEY_USERS\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23349115 B
Java, Flash, Steam htmlcache => 41029891 B
Windows/system/drivers => 270391309 B
Edge => 0 B
Chrome => 0 B
Firefox => 1095975333 B
Opera => 147132 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Martin => 20838069 B
UpdatusUser => 0 B

RecycleBin => 731424 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-11-2018 23:24:36)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\avast! Firewall => could not remove, key could be protected

==== End of Fixlog 23:24:36 ====

Re: Prosím o kontrolu, děkuji

Napsal: 09 lis 2018 19:53
od Conder
:arrow: Vyzera to OK. Nastala nejaka zmena alebo su este nejake problemy s PC?

:arrow: Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update.

:arrow: Dalej je v PC nainstalovana starsia verzia NVIDIA ovladacov - 306.97. Neviem, aka je v PC graficka karta, ale mozes skontrolovat na stranke https://www.nvidia.com/drivers ci nie je dostupna novsia verzia pre danu graficku kartu, pokial je tak odporucam aktualizovat.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz