VIRY.CZ

Zdravim, mam problem ze vecsinu casu mi procesor ide na 100% aj ked na pc nic nerobim.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2019
Ran by John (administrator) on JOHN-PC (12-07-2019 18:03:06)
Running from C:\Users\John\AppData\Local\Temp\scoped_dir1588_12169
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apache Software Foundation) [File not signed] C:\xampp\apache\bin\httpd.exe
(Apache Software Foundation) [File not signed] C:\xampp\apache\bin\httpd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(MariaDB Corporation Ab -> ) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera_crashreporter.exe
(Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Riot Games, Inc. -> ) C:\Riot Games\League of Legends\LeagueClient.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] () [File not signed]
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [AvastBrowserAutoLaunch_D39FDF68DE73058B395809CCEB6C0150] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-28] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9D12E3-3DCF-40E3-80B9-803013CD2C22} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {20F2855A-9B28-4022-99B6-36E4DB6293AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {77064960-AE74-4218-80A6-5D2E16039A6D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D7E6AF0-44BB-402D-8C2C-A835EF2CFD2D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {9124367A-90C1-401F-99FD-79EA7552AA01} - System32\Tasks\AdobeGCInvoker-1.0-John-PC-John => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {9D6C3930-F621-4296-A748-5865083AD527} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A30993DD-B4C8-45A6-B8B7-83DDFCF1B0D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B1D77E51-7D67-444E-B3F5-61FD2F00823D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-29] (Adobe Inc. -> Adobe)
Task: {B7A4BB3A-B24E-42D8-9830-1D21197540A8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {EBC23B6F-5E09-43B9-A2B5-964A74F04CFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F5D2FE26-6C34-457B-A652-1E96E58C6E01} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {FE05E3C4-0EEA-458C-9464-41A491FBEE03} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54287F57-F62E-4A77-887F-98CFD53339ED}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1477436-BDB7-43DB-8368-4FEBFCEBABA8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dpdx1dpi.default
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default [2019-07-12]
FF NetworkProxy: Mozilla\Firefox\Profiles\dpdx1dpi.default -> backup.ftp", "127.0.0.1"
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\@flash_debugger.xpi [2019-07-01]
FF Extension: (ETP Search Volume Study) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-07-12]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\sp@avast.com.xpi [2019-01-23]
FF Extension: (Avast Online Security) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDDB91BBD-BA11-4584-980A-F18600097BBE&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321897&octid ... google.com"
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2019-07-12]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-04]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2019-07-03]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-06-12]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-15]
CHR Extension: (DarkOrbit SID Login) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkcmijdllamjcbfeeheebbphpnbmbco [2019-07-01]
CHR Extension: (Avast Online Security) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-01]
CHR Extension: (Stream Video Downloader) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkngaibigegepnlckfcbecjoilcjbhf [2019-04-01]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2019-02-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR HKU\S-1-5-21-949114339-2066100574-2594248327-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-09-10]
OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2018-05-08]
OPR Extension: (Twitch Now) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2018-02-20]
OPR Extension: (Scripter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hpochgedhgonjnpbepkbnkkibkjigknc [2018-04-19]
OPR Extension: (Direct Currency Converter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2019-06-05]
OPR Extension: (Quasimodo) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbioggfbkfijplhkfhaedclnadjdcbnn [2018-07-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-05-08] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-02-26] (Trace Software International -> )
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-02-26] (Intel(R) Software Development Products -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
S4 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [264704 2018-02-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-05-27] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S4 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2018-04-06] (Popcorn Time) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14346680 2018-05-11] (VMware, Inc. -> )
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549416 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] (Cheat Engine -> )
R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (C-MEDIA ELECTRONICS INC. -> A4Tech Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2016-07-06] (NTONYX Ltd. -> Eugene V. Muzychenko)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [10265032 2018-03-17] (FACE IT LIMITED -> )
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-05-03] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2018-07-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-05-12] (Razer USA Ltd. -> Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer Inc. -> Razer, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2015-02-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [File not signed]
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2019-01-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2019-01-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [213080 2018-06-29] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [222872 2018-06-29] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-06-28] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2018-05-11] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-12 18:02 - 2019-07-12 18:02 - 002095104 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2019-07-12 15:29 - 2019-07-12 15:29 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1 (1).zip
2019-07-12 15:09 - 2019-07-12 15:09 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1.zip
2019-07-12 14:54 - 2019-07-12 14:54 - 000000153 _____ C:\Users\John\Desktop\takt bisnis
2019-07-12 14:36 - 2019-07-12 14:36 - 000004416 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-12 14:33 - 2019-07-12 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-12 11:27 - 2019-07-12 11:27 - 000012666 _____ C:\Users\John\Downloads\GGModule.java
2019-07-11 13:14 - 2019-07-11 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-07-11 13:13 - 2019-06-27 14:52 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-11 13:12 - 2019-07-11 13:12 - 000549416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-07-11 13:12 - 2019-07-11 13:12 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2019-07-10 16:09 - 2019-07-10 16:09 - 000026185 _____ C:\Users\John\Desktop\nastavnie.txt
2019-07-10 13:01 - 2019-07-10 13:01 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign8116301db2c8f574
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsignd534ccc90a41cb79
2019-07-10 12:43 - 2019-07-10 12:43 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign23f218f613a06efe
2019-07-09 09:16 - 2019-07-09 09:16 - 007227870 _____ C:\Users\John\Downloads\launch4j-3.12-win32.exe
2019-07-07 22:30 - 2019-07-07 22:30 - 000000000 ____D C:\Users\John\AppData\Local\www.coderbag.com
2019-07-07 22:29 - 2019-07-07 22:29 - 000000738 _____ C:\Users\Public\Desktop\QuickCPU.lnk
2019-07-07 22:29 - 2019-07-07 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickCPU
2019-07-07 22:04 - 2019-06-12 18:30 - 000000000 ____D C:\Users\John\Desktop\Rust 2019 FPS Pack By Panj
2019-07-07 22:00 - 2019-07-07 22:00 - 002123105 _____ C:\Users\John\Downloads\Rust 2019 FPS Pack By Panj.rar
2019-07-07 11:39 - 2019-07-12 12:45 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta31
2019-07-07 11:38 - 2019-07-07 11:38 - 001214443 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta31.zip
2019-07-07 11:12 - 2019-07-07 11:12 - 000016113 _____ C:\Users\John\Downloads\document.pdf
2019-07-07 10:56 - 2019-07-07 10:56 - 000399348 _____ C:\Users\John\Downloads\DPD_cenník služieb medzinárodná preprava_2019 (1).pdf
2019-07-07 09:46 - 2019-07-12 14:32 - 000003454 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-John-PC-John
2019-07-06 22:59 - 2019-07-06 23:23 - 127056647 _____ C:\Users\John\Downloads\Videohive 11266469 - 140 Flash FX Elements V3.rar.opdownload
2019-07-06 12:21 - 2019-07-06 12:21 - 000000000 ____D C:\Users\John\AppData\Local\GameAnalytics
2019-07-05 12:17 - 2019-07-05 12:17 - 000001080 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2019-07-03 14:56 - 2019-07-03 14:56 - 001214297 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta27.zip
2019-07-03 14:56 - 2019-07-03 14:56 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta27
2019-07-01 17:30 - 2019-07-01 17:33 - 000000000 ____D C:\Program Files (x86)\swiftwire
2019-07-01 17:30 - 2019-07-01 17:30 - 000000000 ____D C:\Users\John\AppData\Roaming\SWFWireDebugger
2019-07-01 10:55 - 2019-07-01 10:55 - 000001249 _____ C:\Users\John\Downloads\settings.ini
2019-07-01 10:39 - 2019-07-01 10:39 - 000202752 _____ () C:\Users\John\Downloads\Corvus.exe
2019-07-01 10:09 - 2019-07-01 10:09 - 000120523 _____ C:\Users\John\Downloads\report_5cfe96194f656_5cfe96194f6a4.pdf
2019-06-30 19:32 - 2019-06-30 19:32 - 000012789 _____ C:\Users\John\Downloads\beastformer.zip
2019-06-29 19:04 - 2019-07-01 14:32 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta22
2019-06-29 19:04 - 2019-06-29 19:04 - 001201064 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta22.zip
2019-06-29 01:44 - 2019-06-29 03:08 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta14
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14.zip
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14 (1).zip
2019-06-29 01:25 - 2019-07-12 14:32 - 000004428 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-29 01:24 - 2019-06-29 01:24 - 001207336 _____ (Adobe Inc) C:\Users\John\Downloads\flashplayer32pp_fa_install.exe
2019-06-28 23:35 - 2019-06-28 23:35 - 001528320 _____ (kernel-panik) C:\Users\John\Downloads\kprm_1.3.exe
2019-06-27 19:51 - 2019-06-27 19:51 - 000001003 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-06-27 19:50 - 2019-06-27 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-06-27 19:48 - 2019-06-27 19:48 - 098862144 _____ (Riot Games, Inc) C:\Users\John\Downloads\League%20of%20Legends%20installer%20NA.exe
2019-06-27 14:53 - 2019-06-27 14:52 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-27 14:53 - 2019-06-27 14:52 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-27 12:35 - 2019-06-27 12:35 - 000000000 ____D C:\Users\John\Desktop\dada
2019-06-26 11:50 - 2019-06-26 11:50 - 000000693 _____ C:\Users\Public\Desktop\Hextech Repair Tool.lnk
2019-06-26 11:49 - 2019-06-26 11:49 - 069902336 _____ C:\Users\John\Downloads\Hextech Repair Tool.msi
2019-06-26 11:46 - 2019-06-26 11:46 - 000002541 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_2210294178_spectate.bat
2019-06-26 10:49 - 2019-06-26 10:49 - 000002545 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_3717436160_replay.bat
2019-06-26 09:07 - 2019-06-26 09:07 - 000000076 _____ C:\Windows\system32\퐀െ
2019-06-24 21:52 - 2019-06-24 22:54 - 678873586 _____ C:\Users\John\Downloads\Bufo Alvarius (2017) ČR.mp4
2019-06-23 19:42 - 2019-06-23 19:42 - 000004446 _____ C:\Users\John\Downloads\2500.m3u8
2019-06-23 11:26 - 2019-07-12 14:32 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-22 22:09 - 2019-06-22 22:09 - 000875891 _____ C:\Users\John\Downloads\a24c6dada83097ef2eb6b38d4fe64aedc09fe61952237989333fd396a9d7284c.zip
2019-06-22 22:09 - 2019-06-22 22:09 - 000875765 _____ C:\Users\John\Downloads\flaggybird.apk
2019-06-19 13:34 - 2019-06-19 13:34 - 000003316 _____ C:\Users\John\Downloads\grafs.txt
2019-06-19 13:34 - 2019-06-19 13:34 - 000002412 _____ C:\Users\John\Downloads\amcharts.editor.html
2019-06-19 12:51 - 2019-06-19 12:51 - 000000897 _____ C:\Users\John\Desktop\desktop - Shortcut.lnk
2019-06-18 21:43 - 2019-06-18 21:43 - 000012202 _____ C:\Users\John\.bash_history
2019-06-17 15:29 - 2019-06-17 15:29 - 000021363 _____ C:\Users\John\Downloads\AdsManagerTemplate_v2.3_sk_SK.xltx
2019-06-17 15:24 - 2019-06-17 15:24 - 000024668 _____ C:\Users\John\Downloads\export_20190617_1524.csv
2019-06-17 15:23 - 2019-06-17 15:37 - 000024668 _____ C:\Users\John\Downloads\export.txt
2019-06-17 15:19 - 2019-06-17 15:21 - 000024512 _____ C:\Users\John\Downloads\export_20190617_1519.csv
2019-06-17 15:18 - 2019-06-17 15:18 - 000080728 _____ C:\Users\John\Downloads\export_20190617_1445.csv
2019-06-16 20:19 - 2019-06-16 20:19 - 000000000 ____D C:\Users\John\Downloads\VeraCrypt
2019-06-15 18:13 - 2019-06-15 18:13 - 004612343 _____ C:\Users\John\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2019-06-15 18:11 - 2019-06-15 18:11 - 003903829 _____ C:\Users\John\Downloads\Age+of+Engineering-1.1.2.zip
2019-06-15 14:56 - 2019-06-15 14:56 - 000001321 _____ C:\Users\John\Downloads\1.13.2-Aristois-Latest.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-12 18:03 - 2017-02-03 16:18 - 000000000 ____D C:\FRST
2019-07-12 17:59 - 2018-02-01 00:19 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2019-07-12 15:54 - 2018-07-29 00:15 - 000000000 ____D C:\Users\John\AppData\Roaming\discord
2019-07-12 15:03 - 2016-06-13 14:01 - 000000000 ____D C:\Users\John\Documents\Visual Studio 2015
2019-07-12 14:53 - 2019-05-31 22:28 - 000001733 _____ C:\Users\John\Desktop\Co pozriet na aute
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:36 - 2018-07-08 21:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-12 14:36 - 2016-10-21 15:21 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-12 14:36 - 2016-10-21 15:21 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-12 14:36 - 2016-06-04 20:55 - 000000000 ____D C:\Users\John\AppData\Local\Adobe
2019-07-12 14:32 - 2019-02-15 21:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-12 14:32 - 2018-09-06 18:43 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-12 14:32 - 2016-06-22 19:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-07-12 13:57 - 2019-01-31 04:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-07-12 11:05 - 2018-06-28 20:47 - 000000000 ____D C:\Users\John\AppData\Local\LogMeIn Hamachi
2019-07-12 10:57 - 2017-03-06 06:53 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-12 10:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-12 02:32 - 2016-06-04 17:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-11 13:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-11 00:50 - 2016-06-05 18:45 - 000000000 ____D C:\Users\John\AppData\Roaming\TS3Client
2019-07-11 00:50 - 2016-06-04 17:49 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-10 15:01 - 2016-07-29 17:42 - 000000000 ____D C:\Users\John\AppData\Roaming\vlc
2019-07-10 15:01 - 2016-06-04 17:36 - 000000000 ____D C:\Users\John\AppData\Roaming\uTorrent
2019-07-10 14:44 - 2016-06-04 16:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-10 13:14 - 2016-06-25 14:18 - 000000000 ____D C:\Program Files\Adobe
2019-07-10 12:51 - 2019-06-04 23:22 - 000000000 ____D C:\Users\John\AppData\Local\BitTorrentHelper
2019-07-09 20:18 - 2019-01-08 16:42 - 000034138 _____ C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-09 10:02 - 2016-06-04 17:53 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-09 09:12 - 2018-11-01 10:47 - 000000000 __SHD C:\Users\Public\DRM
2019-07-07 22:07 - 2017-06-16 15:06 - 000007647 _____ C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-07-06 21:05 - 2019-02-01 11:44 - 000000000 ____D C:\Users\John\Desktop\runy
2019-07-06 21:00 - 2016-06-04 17:39 - 000000000 ___SD C:\Users\John\AppData\LocalLow\Temp
2019-07-06 16:57 - 2017-08-29 08:42 - 000000000 ____D C:\Users\John\AppData\Local\Sublime Text 3
2019-07-06 11:27 - 2016-09-21 22:26 - 000000000 ____D C:\Windows\pss
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-07-06 08:07 - 2019-02-03 10:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-06 02:25 - 2018-07-19 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-05 12:17 - 2016-09-10 18:45 - 000000000 ____D C:\Program Files (x86)\Opera
2019-07-02 10:13 - 2017-02-21 17:47 - 000000000 ____D C:\Users\John\AppData\Roaming\obs-studio
2019-07-01 17:34 - 2016-06-04 20:55 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-07-01 17:30 - 2016-06-04 20:56 - 000000000 ____D C:\Users\John\AppData\Roaming\Adobe
2019-07-01 17:30 - 2016-06-04 20:55 - 000000000 ____D C:\ProgramData\Adobe
2019-07-01 08:55 - 2018-03-12 10:31 - 005069784 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-30 23:03 - 2018-03-11 15:57 - 000102224 _____ C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Roaming\VMware
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Local\VMware
2019-06-30 13:51 - 2016-07-12 10:05 - 000000000 ____D C:\Users\John\.VirtualBox
2019-06-29 12:06 - 2018-07-22 21:47 - 000000000 ____D C:\Users\John\Downloads\FRST-OlderVersion
2019-06-28 11:43 - 2019-04-12 05:45 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-28 11:43 - 2019-04-12 05:45 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-28 11:43 - 2018-03-23 11:25 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-27 23:19 - 2016-07-08 20:13 - 000000000 ____D C:\Users\John\AppData\Roaming\TeamViewer
2019-06-27 14:52 - 2019-01-14 16:28 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-27 14:52 - 2018-10-20 02:00 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-27 14:52 - 2017-11-16 17:05 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-26 11:13 - 2018-02-06 00:34 - 000000000 ____D C:\Users\John\AppData\Roaming\.minecraft
2019-06-22 17:43 - 2018-11-13 18:31 - 000000000 ____D C:\Users\John\AppData\Local\Ubisoft Game Launcher
2019-06-22 00:24 - 2016-06-04 16:16 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:43 - 2016-06-16 20:58 - 000000000 ____D C:\folders shortcut
2019-06-18 21:43 - 2016-06-04 15:57 - 000000000 ____D C:\Users\John
2019-06-13 20:02 - 2016-06-04 20:55 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ================

2018-12-26 12:13 - 2019-02-14 16:38 - 000000033 _____ () C:\Users\John\AppData\Roaming\AdobeWLCMCache.dat
2018-12-26 12:41 - 2018-12-27 15:25 - 000000028 _____ () C:\Users\John\AppData\Roaming\kulerdata.json
2019-01-08 16:42 - 2019-07-09 20:18 - 000034138 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-01-05 03:03 - 2019-01-06 18:26 - 000004634 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterDefault.xml
2016-11-26 22:00 - 2017-09-23 21:52 - 000001480 _____ () C:\Users\John\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-01-06 04:05 - 2017-01-06 04:05 - 000003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-06 09:27 - 2018-09-06 09:27 - 000001111 _____ () C:\Users\John\AppData\Local\gamma_ramp.reg
2018-01-29 00:40 - 2018-06-03 16:05 - 000000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND
2018-07-27 14:26 - 2018-07-27 14:26 - 000000487 _____ () C:\Users\John\AppData\Local\ReclaiMe.config
2017-06-16 15:06 - 2019-07-07 22:07 - 000007647 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-03-04 17:27 - 2019-03-04 17:27 - 000000003 _____ () C:\Users\John\AppData\Local\updater.log
2019-03-04 17:27 - 2019-03-04 17:27 - 000000425 _____ () C:\Users\John\AppData\Local\UserProducts.xml

==================== FLock ================

2017-10-28 00:09 C:\Windows\infpub.dat

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-02 09:57
==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-12-2019
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 13
# Failed: 0


***** [ Services ] *****

Deleted Update service

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{09A0F42F-1160-4B6C-9D3B-37A15F60ECDA}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0E408BD1-9465-4B3D-A9D5-C206B8D82947}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{17EA89D8-514B-498B-B188-735661460E3F}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{65E495A2-A54D-4F0D-8864-1008FBD5B2A2}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B79F2B45-9C1D-4604-8FF4-5A73BEA0DE9A}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E505C01C-73B3-4674-8CFB-6732EEED1B97}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://search.conduit.com/?ctid=CT33218 ... 7BBE&SSPV=
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXZ1D81TPZ
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXZ1D81TPZ
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXZ4Y3Y2NT
Deleted http://www.trovi.com/?gd=&ctid=CT332189 ... F073&SSPV=
Deleted http://www.trovi.com/?gd=&ctid=CT332189 ... F073&SSPV=

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3231 octets] - [12/07/2019 19:54:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2019
Ran by John (administrator) on JOHN-PC (13-07-2019 09:37:29)
Running from C:\Users\John\Downloads
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.43\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Java\jre1.8.0_141\bin\javaw.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] () [File not signed]
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [AvastBrowserAutoLaunch_D39FDF68DE73058B395809CCEB6C0150] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-29] (Adobe Inc. -> Adobe)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-28] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9D12E3-3DCF-40E3-80B9-803013CD2C22} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {20F2855A-9B28-4022-99B6-36E4DB6293AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {77064960-AE74-4218-80A6-5D2E16039A6D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D7E6AF0-44BB-402D-8C2C-A835EF2CFD2D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {9124367A-90C1-401F-99FD-79EA7552AA01} - System32\Tasks\AdobeGCInvoker-1.0-John-PC-John => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {9D6C3930-F621-4296-A748-5865083AD527} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A30993DD-B4C8-45A6-B8B7-83DDFCF1B0D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B1D77E51-7D67-444E-B3F5-61FD2F00823D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-29] (Adobe Inc. -> Adobe)
Task: {B7A4BB3A-B24E-42D8-9830-1D21197540A8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {EBC23B6F-5E09-43B9-A2B5-964A74F04CFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F5D2FE26-6C34-457B-A652-1E96E58C6E01} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {FE05E3C4-0EEA-458C-9464-41A491FBEE03} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54287F57-F62E-4A77-887F-98CFD53339ED}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1477436-BDB7-43DB-8368-4FEBFCEBABA8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dpdx1dpi.default
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default [2019-07-13]
FF NetworkProxy: Mozilla\Firefox\Profiles\dpdx1dpi.default -> backup.ftp", "127.0.0.1"
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\@flash_debugger.xpi [2019-07-01]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\sp@avast.com.xpi [2019-01-23]
FF Extension: (Avast Online Security) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... google.com"
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2019-07-12]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-04]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2019-07-03]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-06-12]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-15]
CHR Extension: (DarkOrbit SID Login) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkcmijdllamjcbfeeheebbphpnbmbco [2019-07-01]
CHR Extension: (Avast Online Security) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-01]
CHR Extension: (Stream Video Downloader) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkngaibigegepnlckfcbecjoilcjbhf [2019-04-01]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2019-02-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR HKU\S-1-5-21-949114339-2066100574-2594248327-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-09-10]
OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2018-05-08]
OPR Extension: (Twitch Now) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2018-02-20]
OPR Extension: (Scripter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hpochgedhgonjnpbepkbnkkibkjigknc [2018-04-19]
OPR Extension: (Direct Currency Converter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2019-06-05]
OPR Extension: (Quasimodo) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbioggfbkfijplhkfhaedclnadjdcbnn [2018-07-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-05-08] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-02-26] (Trace Software International -> )
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-02-26] (Intel(R) Software Development Products -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
S4 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [264704 2018-02-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-05-27] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S4 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14346680 2018-05-11] (VMware, Inc. -> )
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549416 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] (Cheat Engine -> )
R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (C-MEDIA ELECTRONICS INC. -> A4Tech Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2016-07-06] (NTONYX Ltd. -> Eugene V. Muzychenko)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [10265032 2018-03-17] (FACE IT LIMITED -> )
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-05-03] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2018-07-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-05-12] (Razer USA Ltd. -> Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer Inc. -> Razer, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2015-02-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [File not signed]
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2019-01-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2019-01-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [213080 2018-06-29] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [222872 2018-06-29] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-06-28] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2018-05-11] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-13 09:36 - 2019-07-13 09:37 - 000000000 ____D C:\Users\John\Desktop\rstasdf
2019-07-12 19:54 - 2019-07-12 19:55 - 000000000 ____D C:\AdwCleaner
2019-07-12 19:54 - 2019-07-12 19:54 - 007025360 _____ (Malwarebytes) C:\Users\John\Downloads\AdwCleaner.exe
2019-07-12 18:02 - 2019-07-12 18:02 - 002095104 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2019-07-12 15:29 - 2019-07-12 15:29 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1 (1).zip
2019-07-12 15:09 - 2019-07-12 15:09 - 000214846 _____ C:\Users\John\Downloads\curlpp-0.8.1.zip
2019-07-12 14:54 - 2019-07-12 14:54 - 000000153 _____ C:\Users\John\Desktop\takt bisnis
2019-07-12 14:36 - 2019-07-12 14:36 - 000004416 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-12 14:33 - 2019-07-12 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-12 11:27 - 2019-07-12 11:27 - 000012666 _____ C:\Users\John\Downloads\GGModule.java
2019-07-11 13:14 - 2019-07-11 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-07-11 13:13 - 2019-06-27 14:52 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-11 13:12 - 2019-07-11 13:12 - 000549416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-07-11 13:12 - 2019-07-11 13:12 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2019-07-10 16:09 - 2019-07-10 16:09 - 000026185 _____ C:\Users\John\Desktop\nastavnie.txt
2019-07-10 13:01 - 2019-07-10 13:01 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign8116301db2c8f574
2019-07-10 12:47 - 2019-07-10 12:47 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsignd534ccc90a41cb79
2019-07-10 12:43 - 2019-07-10 12:43 - 000000000 ____D C:\Users\John\AppData\Local\Tempzxpsign23f218f613a06efe
2019-07-09 09:16 - 2019-07-09 09:16 - 007227870 _____ C:\Users\John\Downloads\launch4j-3.12-win32.exe
2019-07-07 22:30 - 2019-07-07 22:30 - 000000000 ____D C:\Users\John\AppData\Local\www.coderbag.com
2019-07-07 22:29 - 2019-07-07 22:29 - 000000738 _____ C:\Users\Public\Desktop\QuickCPU.lnk
2019-07-07 22:29 - 2019-07-07 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickCPU
2019-07-07 22:04 - 2019-06-12 18:30 - 000000000 ____D C:\Users\John\Desktop\Rust 2019 FPS Pack By Panj
2019-07-07 22:00 - 2019-07-07 22:00 - 002123105 _____ C:\Users\John\Downloads\Rust 2019 FPS Pack By Panj.rar
2019-07-07 11:39 - 2019-07-12 12:45 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta31
2019-07-07 11:38 - 2019-07-07 11:38 - 001214443 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta31.zip
2019-07-07 11:12 - 2019-07-07 11:12 - 000016113 _____ C:\Users\John\Downloads\document.pdf
2019-07-07 10:56 - 2019-07-07 10:56 - 000399348 _____ C:\Users\John\Downloads\DPD_cenník služieb medzinárodná preprava_2019 (1).pdf
2019-07-07 09:46 - 2019-07-12 14:32 - 000003454 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-John-PC-John
2019-07-06 22:59 - 2019-07-06 23:23 - 127056647 _____ C:\Users\John\Downloads\Videohive 11266469 - 140 Flash FX Elements V3.rar.opdownload
2019-07-06 12:21 - 2019-07-06 12:21 - 000000000 ____D C:\Users\John\AppData\Local\GameAnalytics
2019-07-05 12:17 - 2019-07-05 12:17 - 000001080 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2019-07-03 14:56 - 2019-07-03 14:56 - 001214297 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta27.zip
2019-07-03 14:56 - 2019-07-03 14:56 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta27
2019-07-01 17:30 - 2019-07-01 17:33 - 000000000 ____D C:\Program Files (x86)\swiftwire
2019-07-01 17:30 - 2019-07-01 17:30 - 000000000 ____D C:\Users\John\AppData\Roaming\SWFWireDebugger
2019-07-01 10:55 - 2019-07-01 10:55 - 000001249 _____ C:\Users\John\Downloads\settings.ini
2019-07-01 10:39 - 2019-07-01 10:39 - 000202752 _____ () C:\Users\John\Downloads\Corvus.exe
2019-07-01 10:09 - 2019-07-01 10:09 - 000120523 _____ C:\Users\John\Downloads\report_5cfe96194f656_5cfe96194f6a4.pdf
2019-06-30 19:32 - 2019-06-30 19:32 - 000012789 _____ C:\Users\John\Downloads\beastformer.zip
2019-06-29 19:04 - 2019-07-01 14:32 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta22
2019-06-29 19:04 - 2019-06-29 19:04 - 001201064 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta22.zip
2019-06-29 01:44 - 2019-06-29 03:08 - 000000000 ____D C:\Users\John\Desktop\Popcorn Darkbot V1.13.11beta14
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14.zip
2019-06-29 01:43 - 2019-06-29 01:43 - 001198101 _____ C:\Users\John\Downloads\Popcorn_Darkbot_V1.13.11beta14 (1).zip
2019-06-29 01:25 - 2019-07-12 14:32 - 000004428 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-29 01:24 - 2019-06-29 01:24 - 001207336 _____ (Adobe Inc) C:\Users\John\Downloads\flashplayer32pp_fa_install.exe
2019-06-28 23:35 - 2019-06-28 23:35 - 001528320 _____ (kernel-panik) C:\Users\John\Downloads\kprm_1.3.exe
2019-06-27 19:51 - 2019-06-27 19:51 - 000001003 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-06-27 19:50 - 2019-06-27 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-06-27 19:48 - 2019-06-27 19:48 - 098862144 _____ (Riot Games, Inc) C:\Users\John\Downloads\League%20of%20Legends%20installer%20NA.exe
2019-06-27 14:53 - 2019-06-27 14:52 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-27 14:53 - 2019-06-27 14:52 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-27 12:35 - 2019-06-27 12:35 - 000000000 ____D C:\Users\John\Desktop\dada
2019-06-26 11:50 - 2019-06-26 11:50 - 000000693 _____ C:\Users\Public\Desktop\Hextech Repair Tool.lnk
2019-06-26 11:49 - 2019-06-26 11:49 - 069902336 _____ C:\Users\John\Downloads\Hextech Repair Tool.msi
2019-06-26 11:46 - 2019-06-26 11:46 - 000002541 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_2210294178_spectate.bat
2019-06-26 10:49 - 2019-06-26 10:49 - 000002545 _____ C:\Users\John\Downloads\LOL_OPGG_Observer_3717436160_replay.bat
2019-06-26 09:07 - 2019-06-26 09:07 - 000000076 _____ C:\Windows\system32\퐀െ
2019-06-24 21:52 - 2019-06-24 22:54 - 678873586 _____ C:\Users\John\Downloads\Bufo Alvarius (2017) ČR.mp4
2019-06-23 19:42 - 2019-06-23 19:42 - 000004446 _____ C:\Users\John\Downloads\2500.m3u8
2019-06-23 11:26 - 2019-07-12 14:32 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-22 22:09 - 2019-06-22 22:09 - 000875891 _____ C:\Users\John\Downloads\a24c6dada83097ef2eb6b38d4fe64aedc09fe61952237989333fd396a9d7284c.zip
2019-06-22 22:09 - 2019-06-22 22:09 - 000875765 _____ C:\Users\John\Downloads\flaggybird.apk
2019-06-19 13:34 - 2019-06-19 13:34 - 000003316 _____ C:\Users\John\Downloads\grafs.txt
2019-06-19 13:34 - 2019-06-19 13:34 - 000002412 _____ C:\Users\John\Downloads\amcharts.editor.html
2019-06-19 12:51 - 2019-06-19 12:51 - 000000897 _____ C:\Users\John\Desktop\desktop - Shortcut.lnk
2019-06-18 21:43 - 2019-06-18 21:43 - 000012202 _____ C:\Users\John\.bash_history
2019-06-17 15:29 - 2019-06-17 15:29 - 000021363 _____ C:\Users\John\Downloads\AdsManagerTemplate_v2.3_sk_SK.xltx
2019-06-17 15:24 - 2019-06-17 15:24 - 000024668 _____ C:\Users\John\Downloads\export_20190617_1524.csv
2019-06-17 15:23 - 2019-06-17 15:37 - 000024668 _____ C:\Users\John\Downloads\export.txt
2019-06-17 15:19 - 2019-06-17 15:21 - 000024512 _____ C:\Users\John\Downloads\export_20190617_1519.csv
2019-06-17 15:18 - 2019-06-17 15:18 - 000080728 _____ C:\Users\John\Downloads\export_20190617_1445.csv
2019-06-16 20:19 - 2019-06-16 20:19 - 000000000 ____D C:\Users\John\Downloads\VeraCrypt
2019-06-15 18:13 - 2019-06-15 18:13 - 004612343 _____ C:\Users\John\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2019-06-15 18:11 - 2019-06-15 18:11 - 003903829 _____ C:\Users\John\Downloads\Age+of+Engineering-1.1.2.zip
2019-06-15 14:56 - 2019-06-15 14:56 - 000001321 _____ C:\Users\John\Downloads\1.13.2-Aristois-Latest.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-13 09:40 - 2018-05-27 14:28 - 000029324 _____ C:\Users\John\Downloads\FRST.txt
2019-07-13 09:37 - 2017-02-03 16:18 - 000000000 ____D C:\FRST
2019-07-12 17:59 - 2018-02-01 00:19 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2019-07-12 15:54 - 2018-07-29 00:15 - 000000000 ____D C:\Users\John\AppData\Roaming\discord
2019-07-12 15:03 - 2016-06-13 14:01 - 000000000 ____D C:\Users\John\Documents\Visual Studio 2015
2019-07-12 14:53 - 2019-05-31 22:28 - 000001733 _____ C:\Users\John\Desktop\Co pozriet na aute
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:38 - 2009-07-14 06:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-12 14:36 - 2018-07-08 21:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-12 14:36 - 2016-10-21 15:21 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-12 14:36 - 2016-10-21 15:21 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-12 14:36 - 2016-10-21 15:21 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-12 14:36 - 2016-06-04 20:55 - 000000000 ____D C:\Users\John\AppData\Local\Adobe
2019-07-12 14:32 - 2019-02-15 21:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-12 14:32 - 2018-09-06 18:43 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-12 14:32 - 2016-06-22 19:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-07-12 13:57 - 2019-01-31 04:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-07-12 11:05 - 2018-06-28 20:47 - 000000000 ____D C:\Users\John\AppData\Local\LogMeIn Hamachi
2019-07-12 10:57 - 2017-03-06 06:53 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-12 10:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-12 02:32 - 2016-06-04 17:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-11 13:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-11 00:50 - 2016-06-05 18:45 - 000000000 ____D C:\Users\John\AppData\Roaming\TS3Client
2019-07-11 00:50 - 2016-06-04 17:49 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-10 15:01 - 2016-07-29 17:42 - 000000000 ____D C:\Users\John\AppData\Roaming\vlc
2019-07-10 15:01 - 2016-06-04 17:36 - 000000000 ____D C:\Users\John\AppData\Roaming\uTorrent
2019-07-10 14:44 - 2016-06-04 16:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-10 13:14 - 2016-06-25 14:18 - 000000000 ____D C:\Program Files\Adobe
2019-07-10 12:51 - 2019-06-04 23:22 - 000000000 ____D C:\Users\John\AppData\Local\BitTorrentHelper
2019-07-09 20:18 - 2019-01-08 16:42 - 000034138 _____ C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-09 10:02 - 2016-06-04 17:53 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-09 09:12 - 2018-11-01 10:47 - 000000000 __SHD C:\Users\Public\DRM
2019-07-07 22:07 - 2017-06-16 15:06 - 000007647 _____ C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-07-06 21:05 - 2019-02-01 11:44 - 000000000 ____D C:\Users\John\Desktop\runy
2019-07-06 21:00 - 2016-06-04 17:39 - 000000000 ___SD C:\Users\John\AppData\LocalLow\Temp
2019-07-06 16:57 - 2017-08-29 08:42 - 000000000 ____D C:\Users\John\AppData\Local\Sublime Text 3
2019-07-06 11:27 - 2016-09-21 22:26 - 000000000 ____D C:\Windows\pss
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-07-06 11:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-07-06 08:07 - 2019-02-03 10:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-06 02:25 - 2018-07-19 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-05 12:17 - 2016-09-10 18:45 - 000000000 ____D C:\Program Files (x86)\Opera
2019-07-02 10:13 - 2017-02-21 17:47 - 000000000 ____D C:\Users\John\AppData\Roaming\obs-studio
2019-07-01 17:34 - 2016-06-04 20:55 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-07-01 17:30 - 2016-06-04 20:56 - 000000000 ____D C:\Users\John\AppData\Roaming\Adobe
2019-07-01 17:30 - 2016-06-04 20:55 - 000000000 ____D C:\ProgramData\Adobe
2019-07-01 08:55 - 2018-03-12 10:31 - 005069784 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-30 23:03 - 2018-03-11 15:57 - 000102224 _____ C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Roaming\VMware
2019-06-30 13:51 - 2017-06-12 12:19 - 000000000 ____D C:\Users\John\AppData\Local\VMware
2019-06-30 13:51 - 2016-07-12 10:05 - 000000000 ____D C:\Users\John\.VirtualBox
2019-06-29 12:06 - 2018-07-22 21:47 - 000000000 ____D C:\Users\John\Downloads\FRST-OlderVersion
2019-06-28 11:43 - 2019-04-12 05:45 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-28 11:43 - 2019-04-12 05:45 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-28 11:43 - 2018-03-23 11:25 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-27 23:19 - 2016-07-08 20:13 - 000000000 ____D C:\Users\John\AppData\Roaming\TeamViewer
2019-06-27 14:52 - 2019-01-14 16:28 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-27 14:52 - 2019-01-05 12:29 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-27 14:52 - 2018-10-20 02:00 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-27 14:52 - 2017-11-16 17:05 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-27 14:52 - 2016-06-22 19:24 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-26 11:13 - 2018-02-06 00:34 - 000000000 ____D C:\Users\John\AppData\Roaming\.minecraft
2019-06-22 17:43 - 2018-11-13 18:31 - 000000000 ____D C:\Users\John\AppData\Local\Ubisoft Game Launcher
2019-06-22 00:24 - 2016-06-04 16:16 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:43 - 2016-06-16 20:58 - 000000000 ____D C:\folders shortcut
2019-06-18 21:43 - 2016-06-04 15:57 - 000000000 ____D C:\Users\John
2019-06-13 20:02 - 2016-06-04 20:55 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ================

2018-12-26 12:13 - 2019-02-14 16:38 - 000000033 _____ () C:\Users\John\AppData\Roaming\AdobeWLCMCache.dat
2018-12-26 12:41 - 2018-12-27 15:25 - 000000028 _____ () C:\Users\John\AppData\Roaming\kulerdata.json
2019-01-08 16:42 - 2019-07-09 20:18 - 000034138 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-01-05 03:03 - 2019-01-06 18:26 - 000004634 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterDefault.xml
2016-11-26 22:00 - 2017-09-23 21:52 - 000001480 _____ () C:\Users\John\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-01-06 04:05 - 2017-01-06 04:05 - 000003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-06 09:27 - 2018-09-06 09:27 - 000001111 _____ () C:\Users\John\AppData\Local\gamma_ramp.reg
2018-01-29 00:40 - 2018-06-03 16:05 - 000000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND
2018-07-27 14:26 - 2018-07-27 14:26 - 000000487 _____ () C:\Users\John\AppData\Local\ReclaiMe.config
2017-06-16 15:06 - 2019-07-07 22:07 - 000007647 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-03-04 17:27 - 2019-03-04 17:27 - 000000003 _____ () C:\Users\John\AppData\Local\updater.log
2019-03-04 17:27 - 2019-03-04 17:27 - 000000425 _____ () C:\Users\John\AppData\Local\UserProducts.xml

==================== FLock ================

2017-10-28 00:09 C:\Windows\infpub.dat

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-02 09:57
==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {F5D2FE26-6C34-457B-A652-1E96E58C6E01} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
C:\Users\John\AppData\Local\Tempzxpsign8116301db2c8f574
C:\Users\John\AppData\Local\Tempzxpsignd534ccc90a41cb79
C:\Users\John\AppData\Local\Tempzxpsign23f218f613a06efe
C:\Windows\system32\퐀െ
C:\Users\John\AppData\LocalLow\Temp
C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
FirewallRules: [TCP Query User{5226ADAC-6FAA-41E7-B770-208A682DCA19}C:\folders shortcut\downloads 2\anydesk (1).exe] => (Allow) C:\folders shortcut\downloads 2\anydesk (1).exe No File
FirewallRules: [UDP Query User{733B039C-7736-4043-98CC-0CAABC6F58AB}C:\folders shortcut\downloads 2\anydesk (1).exe] => (Allow) C:\folders shortcut\downloads 2\anydesk (1).exe No File
FirewallRules: [{2BD2A10B-4619-43F6-8742-16FE0CEEC6C9}] => (Block) C:\folders shortcut\downloads 2\anydesk (1).exe No File
FirewallRules: [{6C77169E-C246-4364-829F-72D370B00328}] => (Block) C:\folders shortcut\downloads 2\anydesk (1).exe No File

Hosts:
EmptyTemp:
End

Uložte do C:\Users\John\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.