Sorry, tie veci robí nie Opera, ale Vivaldi.Opera je čistá.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Martin (administrator) on MARTIN-PC (19-09-2018 09:55:53)
Running from C:\Users\Martin\Downloads
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B5844788-BED4-4849-99BF-940E9B612EC4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-515885200-768628804-3900138106-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-515885200-768628804-3900138106-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://
www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> {A8A2381B-85B6-4030-B763-863A4F470EAD} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-07] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-07] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-07] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-07] (Google Inc.)
FireFox:
========
FF DefaultProfile: ef26py92.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default [2018-02-04]
FF Homepage: Mozilla\SeaMonkey\Profiles\ii5mfmc2.default ->
www.google.com
FF NewTab: Mozilla\SeaMonkey\Profiles\ii5mfmc2.default -> about:newtab
FF Extension: (DOM Inspector) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\
inspector@mozilla.org [2016-09-22] [Legacy]
FF Extension: (ChatZilla) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-09-30] [Legacy]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-09-23] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-08] [Legacy]
FF Extension: (JavaScript Debugger) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-09-22] [Legacy]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default [2018-09-06]
FF Homepage: Mozilla\Firefox\Profiles\ef26py92.default -> about:home
FF Extension: (Popup Blocker Ultimate) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2018-02-03]
FF Extension: (No Name) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\a8zub8k1.default [2018-02-04]
FF HKLM\...\Thunderbird\Extensions: [
eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [
eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Firefox\Extensions: [
acewebextension_unlisted@acestream.org] - C:\Users\Martin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2018-09-04]
CHR Extension: (Dokumenty) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-27]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-27]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-04]
CHR HKU\S-1-5-21-515885200-768628804-3900138106-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2017-06-19]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-28] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-08-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-08-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-08-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-08-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-04-22] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-27] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-08-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-08-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2018-08-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-08-27] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2018-08-27] (Avira Operations GmbH & Co. KG)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [197240 2017-12-03] (360.cn)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0121.sys [38432 2016-09-18] (SoftEther Corporation)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-06-28] (Anchorfree Inc.)
U5 UnlockerDriver5; D:\Nový priečinok\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2016-10-13] (Wondershare)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 DeepATS; \??\C:\Program Files (x86)\360\360Safe\deepscan\AtS64.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S2 WinDivert1.2; \??\C:\Windows\system32\drivers\WinDivert64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-19 09:55 - 2018-09-19 09:58 - 000012931 _____ C:\Users\Martin\Downloads\FRST.txt
2018-09-19 09:55 - 2018-09-19 09:55 - 000001119 _____ C:\Users\Martin\Desktop\FRST64 - odkaz.lnk
2018-09-19 09:55 - 2018-09-19 09:55 - 000000000 ____D C:\FRST
2018-09-19 09:53 - 2018-09-19 09:53 - 002413568 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2018-09-18 12:55 - 2018-09-18 12:57 - 081980476 _____ C:\Users\Martin\Downloads\Uncut - November 2018.pdf
2018-09-18 10:19 - 2018-09-18 10:19 - 000194821 _____ C:\Users\Martin\Downloads\ZS s MS Sar. Dravce 2.pdf
2018-09-18 09:58 - 2018-09-19 09:58 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-18 09:58 - 2018-08-27 15:28 - 000199920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-09-18 09:58 - 2018-08-27 15:28 - 000153040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-09-18 09:58 - 2018-08-27 15:28 - 000078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2018-09-18 09:58 - 2018-08-27 15:28 - 000073240 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2018-09-18 09:58 - 2018-08-27 15:28 - 000035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2018-09-18 09:58 - 2018-08-27 15:28 - 000034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2018-09-17 14:05 - 2018-09-18 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-17 14:05 - 2018-09-18 09:58 - 000000000 ____D C:\Program Files (x86)\Avira
2018-09-17 14:04 - 2018-09-18 09:58 - 000000000 ____D C:\ProgramData\Avira
2018-09-08 17:58 - 2018-09-08 18:00 - 000000000 ____D C:\Users\Martin\AppData\Local\ZPN Connect
2018-09-06 14:11 - 2018-09-17 10:27 - 000004084 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1536235891
2018-09-06 14:11 - 2018-09-06 14:11 - 000001252 _____ C:\Users\Martin\Desktop\Prehliadač Opera.lnk
2018-09-06 14:11 - 2018-09-06 14:11 - 000001252 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-09-06 12:11 - 2018-09-06 12:11 - 018946676 _____ C:\Users\Martin\Downloads\2018-10-01 Q Magazine.pdf
2018-09-06 11:06 - 2018-09-06 11:06 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-09-04 14:59 - 2018-09-04 14:59 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-09-04 14:59 - 2018-09-04 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-09-04 14:54 - 2018-09-04 14:55 - 000000000 ____D C:\Program Files (x86)\GUM9FD7.tmp
2018-09-04 14:53 - 2018-09-04 15:04 - 000000000 ____D C:\Users\Martin\AppData\Local\AVAST Software
2018-09-04 14:53 - 2018-09-04 14:53 - 000001964 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Passwords.lnk
2018-09-04 14:52 - 2018-09-04 14:52 - 001142072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-09-04 14:52 - 2018-09-04 14:52 - 001001272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-09-04 14:52 - 2018-09-04 14:52 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-09-04 14:29 - 2018-09-04 14:29 - 000000000 ____D C:\Users\Martin\AppData\Local\Avira Operations Gmbh & Co. KG
2018-09-04 14:28 - 2018-09-04 14:28 - 000000000 ____D C:\Windows\System32\Tasks\Avira
2018-09-04 14:27 - 2018-09-04 14:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-04 13:32 - 2018-09-04 13:32 - 000000000 ____D C:\Users\Martin\AppData\Local\mbam
2018-09-04 13:12 - 2018-09-04 13:12 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashRpt
2018-08-26 12:21 - 2018-08-26 12:32 - 019380921 _____ C:\Users\Martin\Downloads\mojo-october-2018.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-19 09:54 - 2009-07-14 06:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-19 09:54 - 2009-07-14 06:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-19 09:52 - 2015-10-04 19:50 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2018-09-19 09:51 - 2009-07-14 07:13 - 000785302 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-19 09:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-19 09:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-18 13:58 - 2014-07-28 18:35 - 000000000 ____D C:\Users\Martin
2018-09-18 13:50 - 2014-08-23 21:09 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2018-09-18 10:00 - 2016-01-14 18:08 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Seznam.cz
2018-09-17 14:04 - 2015-12-11 19:15 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-16 11:44 - 2014-07-28 19:11 - 000000000 ____D C:\Program Files\WinRAR
2018-09-16 09:20 - 2014-07-29 13:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-15 15:04 - 2014-08-16 20:49 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Spotify
2018-09-12 13:52 - 2016-04-08 15:54 - 000004454 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-12 13:52 - 2015-10-04 19:50 - 000003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-12 13:52 - 2014-07-29 13:15 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-12 13:52 - 2014-07-29 13:15 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-12 13:52 - 2014-07-29 13:15 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-12 12:52 - 2018-03-13 15:52 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-08 18:39 - 2014-08-24 12:31 - 000000000 ____D C:\Users\Martin\AppData\Local\ElevatedDiagnostics
2018-09-04 14:59 - 2015-05-09 15:30 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-04 14:59 - 2015-05-09 15:30 - 000001066 _____ C:\ProgramData\Desktop\VLC media player.lnk
2018-08-30 10:56 - 2017-06-18 21:49 - 000003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1497815344
2018-08-21 10:16 - 2009-07-14 07:08 - 000032516 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2014-05-08 06:05 - 2014-05-08 06:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\159 dk orange bl 4.ADO
2015-02-12 07:07 - 2015-02-12 07:07 - 000000213 _____ () C:\Users\Martin\AppData\Roaming\3BSYBS1_DDVW_ErrLog.txt
2013-10-02 04:55 - 2013-10-02 04:55 - 000000940 _____ () C:\Users\Martin\AppData\Roaming\admon.graphics.extension.xml
2014-05-08 07:44 - 2014-05-08 07:44 - 000003523 _____ () C:\Users\Martin\AppData\Roaming\Adobe-Japan1-0
2013-10-02 04:54 - 2013-10-02 04:54 - 000000453 _____ () C:\Users\Martin\AppData\Roaming\Aqtau
2013-10-02 04:54 - 2013-10-02 04:54 - 000000065 _____ () C:\Users\Martin\AppData\Roaming\Bangui
2014-05-08 06:05 - 2014-05-08 06:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\BMC blue 4.ADO
2010-07-19 23:16 - 2010-07-19 23:16 - 000004751 _____ () C:\Users\Martin\AppData\Roaming\b_no.jpg
2013-10-02 04:54 - 2013-10-02 04:54 - 000000549 _____ () C:\Users\Martin\AppData\Roaming\Catamarca
2013-10-02 04:55 - 2013-10-02 04:55 - 000001978 _____ () C:\Users\Martin\AppData\Roaming\caution.tif
2014-05-08 07:44 - 2014-05-08 07:44 - 000002828 _____ () C:\Users\Martin\AppData\Roaming\CNS2-V
2013-10-02 04:56 - 2013-10-02 04:56 - 000001266 _____ () C:\Users\Martin\AppData\Roaming\compact.list.item.spacing.xml
2014-05-08 06:05 - 2014-05-08 06:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\Cool Gray 9 bl 4.ADO
2015-05-20 03:28 - 2015-05-20 03:28 - 000002176 _____ () C:\Users\Martin\AppData\Roaming\C_Enabled.png
2011-03-21 18:48 - 2011-03-21 18:48 - 000000512 _____ () C:\Users\Martin\AppData\Roaming\data2.cab
2013-10-02 04:55 - 2013-10-02 04:55 - 000002654 _____ () C:\Users\Martin\AppData\Roaming\dbtoepub
2013-10-02 04:56 - 2013-10-02 04:56 - 000001013 _____ () C:\Users\Martin\AppData\Roaming\double.sided.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000004817 _____ () C:\Users\Martin\AppData\Roaming\dsc_checkup_tile.png
2015-05-20 03:28 - 2015-05-20 03:28 - 000004997 _____ () C:\Users\Martin\AppData\Roaming\dsc_drivers_tile.png
2014-05-08 07:44 - 2014-05-08 07:44 - 000002862 _____ () C:\Users\Martin\AppData\Roaming\dut1995phon.env
2015-05-20 03:28 - 2015-05-20 03:28 - 000004279 _____ () C:\Users\Martin\AppData\Roaming\dxdiag.png
2007-01-16 02:00 - 2007-01-16 02:00 - 000003294 _____ () C:\Users\Martin\AppData\Roaming\Extravagancy.Y
2015-05-20 03:28 - 2015-05-20 03:28 - 000001592 _____ () C:\Users\Martin\AppData\Roaming\forward32.png
2013-10-02 04:54 - 2013-10-02 04:54 - 000001676 _____ () C:\Users\Martin\AppData\Roaming\Gibraltar
2013-10-02 04:56 - 2013-10-02 04:56 - 000005030 _____ () C:\Users\Martin\AppData\Roaming\graphics.xsl
2014-05-08 07:44 - 2014-05-08 07:44 - 000000672 _____ () C:\Users\Martin\AppData\Roaming\gre.fca
2013-10-02 04:54 - 2013-10-02 04:54 - 000000137 _____ () C:\Users\Martin\AppData\Roaming\Guatemala
2015-05-20 03:28 - 2015-05-20 03:28 - 000003291 _____ () C:\Users\Martin\AppData\Roaming\history_report_gray.png
2013-10-02 04:56 - 2013-10-02 04:56 - 000000941 _____ () C:\Users\Martin\AppData\Roaming\htmlhelp.autolabel.xml
2013-10-02 04:56 - 2013-10-02 04:56 - 000000963 _____ () C:\Users\Martin\AppData\Roaming\ignore.image.scaling.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000002116 _____ () C:\Users\Martin\AppData\Roaming\internetProperties.png
1987-02-02 02:00 - 1987-02-02 02:00 - 000046203 _____ () C:\Users\Martin\AppData\Roaming\Introvert.j6a
2013-10-02 04:56 - 2013-10-02 04:56 - 000001015 _____ () C:\Users\Martin\AppData\Roaming\javahelp.encoding.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000004676 _____ () C:\Users\Martin\AppData\Roaming\lid_closure.png
2014-05-08 06:05 - 2014-05-08 06:05 - 000000117 _____ () C:\Users\Martin\AppData\Roaming\More Saturated.hdt
2013-10-02 04:54 - 2013-10-02 04:54 - 000000097 _____ () C:\Users\Martin\AppData\Roaming\Nairobi
2013-10-02 04:56 - 2013-10-02 04:56 - 000001093 _____ () C:\Users\Martin\AppData\Roaming\navig.graphics.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000001519 _____ () C:\Users\Martin\AppData\Roaming\not_applicable_2.png
2015-05-20 03:28 - 2015-05-20 03:28 - 000001315 _____ () C:\Users\Martin\AppData\Roaming\pcdrfingerprintreader.p5m
2015-05-20 03:28 - 2015-05-20 03:28 - 000000781 _____ () C:\Users\Martin\AppData\Roaming\phone.png
2014-05-08 06:08 - 2014-05-08 06:08 - 000001433 _____ () C:\Users\Martin\AppData\Roaming\Plastic - Violet Purple, Strong & Flexible.3PP
2014-05-08 07:44 - 2014-05-08 07:44 - 000000972 _____ () C:\Users\Martin\AppData\Roaming\pol.fca
2013-10-02 04:55 - 2013-10-02 04:55 - 000001597 _____ () C:\Users\Martin\AppData\Roaming\projectteam.xml
2013-10-02 04:56 - 2013-10-02 04:56 - 000001085 _____ () C:\Users\Martin\AppData\Roaming\qanda.inherit.numeration.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000004156 _____ () C:\Users\Martin\AppData\Roaming\quick-test.png
2014-05-08 07:44 - 2014-05-08 07:44 - 000000889 _____ () C:\Users\Martin\AppData\Roaming\README_gu.txt
2014-05-08 07:44 - 2014-05-08 07:44 - 000001614 _____ () C:\Users\Martin\AppData\Roaming\s29.png
2015-05-20 03:28 - 2015-05-20 03:28 - 000003676 _____ () C:\Users\Martin\AppData\Roaming\save.png
2013-10-02 04:56 - 2013-10-02 04:56 - 000000883 _____ () C:\Users\Martin\AppData\Roaming\section.autolabel.xml
2013-10-02 04:56 - 2013-10-02 04:56 - 000001102 _____ () C:\Users\Martin\AppData\Roaming\section.title.level5.properties.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000001421 _____ () C:\Users\Martin\AppData\Roaming\security.png
2015-05-20 03:28 - 2015-05-20 03:28 - 000002649 _____ () C:\Users\Martin\AppData\Roaming\sysinfopage_forfile.css
2015-05-20 03:14 - 2015-05-20 03:14 - 000000110 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_ar.p5p
2015-05-20 03:14 - 2015-05-20 03:14 - 000000095 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_it.p5p
2015-05-20 03:14 - 2015-05-20 03:14 - 000000112 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_nl.p5p
2015-05-20 03:14 - 2015-05-20 03:14 - 000001728 _____ () C:\Users\Martin\AppData\Roaming\tweakNetworkingManual_ko.p5p
2013-10-02 04:56 - 2013-10-02 04:56 - 000001323 _____ () C:\Users\Martin\AppData\Roaming\ulink.show.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 000001543 _____ () C:\Users\Martin\AppData\Roaming\user_attention.png
2017-10-17 21:40 - 2017-10-17 21:40 - 000009029 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2015-06-16 17:54 - 2015-06-16 17:54 - 000000000 _____ () C:\Users\Martin\AppData\Local\Temp.dat
Some files in TEMP:
====================
2018-03-24 15:31 - 2018-02-22 11:48 - 000976416 _____ (BlueStack Systems, Inc.) C:\Users\Martin\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2018-04-07 14:43 - 2005-04-06 11:47 - 000040960 _____ () C:\Users\Martin\AppData\Local\Temp\comver.dll
2018-08-05 11:19 - 2018-08-05 11:19 - 007258024 _____ (Hola Networks Ltd.) C:\Users\Martin\AppData\Local\Temp\Hola-Setup-x64-1.103.449.exe
2018-09-12 16:29 - 2018-09-12 16:29 - 007380392 _____ (Hola Networks Ltd.) C:\Users\Martin\AppData\Local\Temp\Hola-Setup-x64-1.107.108.exe
2018-02-08 18:36 - 2018-02-08 18:37 - 007188064 _____ (Hola Networks Ltd.) C:\Users\Martin\AppData\Local\Temp\Hola-Setup-x64-1.81.356.exe
2018-04-23 14:32 - 2018-04-23 14:32 - 007233448 _____ (Hola Networks Ltd.) C:\Users\Martin\AppData\Local\Temp\Hola-Setup-x64-1.92.264.exe
2018-09-05 11:37 - 2018-09-05 11:37 - 000379864 _____ (ESET) C:\Users\Martin\AppData\Local\Temp\InstHelper.exe
2018-03-24 15:31 - 2018-02-22 11:48 - 000421368 _____ (CodeTitans) C:\Users\Martin\AppData\Local\Temp\JSON.dll
2018-09-18 10:00 - 2018-09-18 10:00 - 000534528 _____ () C:\Users\Martin\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-15 16:46
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Martin (19-09-2018 09:58:40)
Running from C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-07-28 16:35:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-515885200-768628804-3900138106-500 - Administrator - Disabled)
Guest (S-1-5-21-515885200-768628804-3900138106-501 - Limited - Disabled)
Martin (S-1-5-21-515885200-768628804-3900138106-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F37078EA-4B6A-1D6F-6FED-3EDF2117B42C}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoGP URT 3 (HKLM-x32\...\MotoGP URT 3_is1) (Version: - THQ)
Opera Stable 55.0.2994.44 (HKLM-x32\...\Opera 55.0.2994.44) (Version: 55.0.2994.44 - Opera Software)
Opera Stable 55.0.2994.61 (HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Quake II (HKLM-x32\...\Quake2UninstallKey) (Version: - )
Spotify (HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version: - )
TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vivaldi (HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Vivaldi) (Version: 1.15.1147.55 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [.Akclap5962] -> {8a9b264c-eb61-4135-a455-0f6767c09462} => C:\Users\Martin\AppData\Roaming\kclap5962\kclap5962.dll [2016-07-08] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [Advanced System Protector] -> {00212D92-C5D8-4ff4-AE50-B20F0F85C40A} => -> No File
ContextMenuHandlers1: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-08-27] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Nový priečinok\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-28] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-08-27] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Nový priečinok\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1AD28213-097C-4893-B327-C071147AB296} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {299173C1-BEDC-4BE4-AF76-52C583E1B197} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {4FCE8287-F99D-421F-A8BB-94F04C6C99A0} - System32\Tasks\Opera scheduled Autoupdate 1477133455 => C:\Program Files (x86)\Opera\launcher.exe
Task: {74FC347C-1BDA-4916-9FA0-84CA926BA809} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-19] (Adobe Systems Incorporated)
Task: {776464BC-99BD-4D1E-AB41-9CE8D2E4F386} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-07] (Google Inc.)
Task: {8833A238-587B-4E20-84AF-0AC198A046E8} - System32\Tasks\Opera scheduled Autoupdate 1536235891 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {8E43CCB0-D70F-41B3-A4BA-6D1055A29D7C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-08-27] (Avira Operations GmbH & Co. KG)
Task: {AD9E773B-3189-4F77-9067-8AB3787B7FB0} - System32\Tasks\Opera scheduled Autoupdate 1497815344 => C:\Program Files (x86)\Opera\launcher.exe
Task: {CDAA5F8A-9019-43EB-A923-18371851666B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {D037912B-7859-49BC-BFD0-C482F1CF161D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {DA19EA11-F8FD-4C36-9BC5-C92AA6DBE2BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-07] (Google Inc.)
Task: {DBDA8427-2F42-4CC4-92C6-68642A719DC9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {F96B2165-AA32-4349-B138-0B738423926C} - System32\Tasks\{F529C778-212F-4A4C-A435-C1F3B293A60A} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"d:\Thomb raider 3\Uninst.isu"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-12-03 12:18 - 2016-07-08 16:35 - 000420192 _____ () C:\Users\Martin\AppData\Roaming\kclap5962\kclap5962.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 000020032 _____ () D:\Nový priečinok\Unlocker\UnlockerCOM.dll
2015-07-28 22:45 - 2015-07-28 22:45 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2018-09-18 09:58 - 2018-08-27 15:28 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-09-18 09:58 - 2018-08-27 15:28 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2017-12-03 12:18 - 2017-12-03 12:42 - 000640400 _____ () C:\Users\Martin\AppData\Roaming\kclap5962\kclap5962_core.dll
2017-07-17 19:30 - 2017-07-17 19:30 - 000863744 _____ () C:\Windows\mod_frst.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2017-07-27 17:09 - 000000130 _____ C:\Windows\system32\Drivers\etc\hosts
0.0.0.0
www.mefeedia.com
0.0.0.0
www.mefeedia.com
0.0.0.0 delivery.anchorfree.us/land.php
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-515885200-768628804-3900138106-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: Spotify => C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: TIDAL => C:\Users\Martin\AppData\Local\TIDAL\update.exe --processStart TIDAL.exe --process-start-args " -autostart -minimized"
MSCONFIG\startupreg: Vivaldi Update Notifier => "D:\zde\html\vivaldi\Application\update_notifier.exe"
MSCONFIG\startupreg: ZPNConnect => C:\Users\Martin\AppData\Local\ZPN Connect\ZpnCli.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{646DCD8D-DF44-49C1-8F8E-C9FF2902413E}] => (Allow) D:\PROGRAMY\Steam\Steam.exe
FirewallRules: [{A2AD1C24-3EE8-4850-8E35-DFBB4C259DAA}] => (Allow) D:\PROGRAMY\Steam\Steam.exe
FirewallRules: [{D7B9C5CE-4AC8-48C1-BD71-B357B8BF3E5F}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{9A8EE00C-D15B-4081-98BC-A1B3116BD335}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E15D46E9-0EA6-489E-9917-B27393EA56A1}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{B12F4E68-0197-4558-B750-D4D26A9EAC50}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [TCP Query User{C5EB449F-BED4-49D4-8CE4-ADA02F25B1F3}C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe] => (Allow) C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe
FirewallRules: [UDP Query User{E20D8B8E-7B76-46C2-9AC2-8FCEA7D0CA8B}C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe] => (Allow) C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe
FirewallRules: [TCP Query User{916542B8-37B2-4B45-8060-109345C8D7D2}D:\motogp urt 3\motogp.exe] => (Allow) D:\motogp urt 3\motogp.exe
FirewallRules: [UDP Query User{94383437-B0C7-46BF-8400-48F5FAA98512}D:\motogp urt 3\motogp.exe] => (Allow) D:\motogp urt 3\motogp.exe
FirewallRules: [{4340AC80-268D-4F82-98E3-E4FE4E6330BE}] => (Allow) LPort=58172
FirewallRules: [{7F90DB53-54DC-467F-B390-D2E4D32DC869}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{50D55F4D-4E3B-41B2-A715-3ECA3D36AE4A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FE49B77-DD32-436C-BCF3-3F2E7A138D35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{156B5BE0-89CD-4A0C-9D50-93A6ABE80ADF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FC1D952F-5E1F-4A2D-8A00-7F2DAB0A4362}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Winquake.exe
FirewallRules: [{18D07B99-F756-477C-A3F8-9A0E0671E1AE}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Winquake.exe
FirewallRules: [{E4DE097F-E158-4E61-AF35-6722290BF174}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\qwcl.exe
FirewallRules: [{528A0558-DB36-443A-970A-4BE62F812E2F}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\qwcl.exe
FirewallRules: [{96BD2439-CF1D-4FFD-A2D3-2C51B89B4E94}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Glquake.exe
FirewallRules: [{B587AAA2-75F6-4894-800A-E35868546DD4}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Glquake.exe
FirewallRules: [{EA984656-E4B7-4B8B-898D-9986FA114EFB}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\glqwcl.exe
FirewallRules: [{9FD3D1A5-524A-4C0F-9EF3-ECB25CE0FD4F}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\glqwcl.exe
FirewallRules: [{74329262-E301-4638-8367-D6A951262F59}] => (Allow) D:\PROGRAMY\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B7D3E7B4-C0DB-46BB-B6FB-82088132BB13}] => (Allow) D:\PROGRAMY\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E08279C4-80DA-41D8-BA23-96109989693E}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{9966BADD-E931-4FE4-9461-2A3690CA82AE}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{3EA558AE-056C-46E5-B953-7A322F3A5AFC}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{1CE59B52-4ED8-4E7D-B33B-D2F02D7ED63F}C:\users\martin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DFA7C960-F2E3-4C6F-8A90-BD43DEDCD17A}C:\users\martin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{48884CF9-C9F6-4B7B-9618-519346195568}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Doom 3\Doom3.exe
FirewallRules: [{567B0639-D3DD-4FFE-A048-2B77CADBD5F6}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Doom 3\Doom3.exe
FirewallRules: [{D91B4033-AE34-4055-A42A-DCDA57194931}] => (Allow) D:\zde\html\vivaldi\Application\vivaldi.exe
FirewallRules: [{97E19586-905F-4B0A-832F-ABFC5A75EA18}] => (Allow) C:\Program Files (x86)\Opera\54.0.2952.71\opera.exe
FirewallRules: [{4F8B0055-4D28-45E1-AF25-96E24831A23D}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.44\opera.exe
FirewallRules: [{24D66D1C-93BE-41DA-BDCA-79847AF57FCC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{89B2B90A-6156-4E57-977D-8CC722E4B1A8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{B31206C4-5FEB-421D-A46E-5C6377FEB270}] => (Allow) C:\Users\Martin\AppData\Local\Programs\Opera\55.0.2994.56\opera.exe
FirewallRules: [{A872585B-00E1-4A7E-9B2E-E8F22C2C6E80}] => (Allow) C:\Users\Martin\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
==================== Restore Points =========================
04-11-2017 17:08:04 Plánovaný kontrolný bod
13-11-2017 17:09:45 Plánovaný kontrolný bod
09-12-2017 17:28:53 Plánovaný kontrolný bod
16-12-2017 16:02:42 Installed resident evil 4
17-12-2017 17:18:21 Removed resident evil 4
07-01-2018 17:17:42 Plánovaný kontrolný bod
21-01-2018 14:39:56 Plánovaný kontrolný bod
08-02-2018 14:49:01 Plánovaný kontrolný bod
17-02-2018 13:22:22 Plánovaný kontrolný bod
04-03-2018 14:28:34 Plánovaný kontrolný bod
12-03-2018 20:26:45 Plánovaný kontrolný bod
18-03-2018 17:27:35 Installed jetAudio Basic
18-03-2018 17:29:11 Removed jetAudio Basic
28-03-2018 19:23:15 Plánovaný kontrolný bod
10-04-2018 19:24:49 Plánovaný kontrolný bod
21-04-2018 12:42:15 Plánovaný kontrolný bod
28-04-2018 16:40:10 Plánovaný kontrolný bod
14-05-2018 18:34:18 Plánovaný kontrolný bod
26-05-2018 15:42:30 Plánovaný kontrolný bod
17-06-2018 13:11:03 Plánovaný kontrolný bod
30-06-2018 16:57:00 Plánovaný kontrolný bod
15-07-2018 20:57:28 Plánovaný kontrolný bod
22-07-2018 20:57:30 Plánovaný kontrolný bod
01-08-2018 12:06:41 Plánovaný kontrolný bod
08-08-2018 16:01:08 Plánovaný kontrolný bod
16-08-2018 20:37:46 Plánovaný kontrolný bod
26-08-2018 13:33:12 Plánovaný kontrolný bod
04-09-2018 14:42:20 Removed Avira Safe Shopping
04-09-2018 14:42:47 Removed Avira Home Guard
05-09-2018 11:32:52 Installed ESET Security
05-09-2018 11:34:30 Nainštalované: ESET NOD32 Antivirus
06-09-2018 11:06:32 Windows Update
18-09-2018 13:24:21 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: WinDivert1.2
Description: WinDivert1.2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WinDivert1.2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/19/2018 09:56:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <
http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error: (09/19/2018 09:56:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <
http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error: (09/19/2018 09:56:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <
http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error: (09/19/2018 09:53:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <
http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error: (09/19/2018 09:52:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <
http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error: (09/19/2018 09:51:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (09/19/2018 09:51:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (09/19/2018 09:49:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <
http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
System errors:
=============
Error: (09/19/2018 09:47:33 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (09/19/2018 09:47:33 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (09/19/2018 09:47:31 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
SBRE
Error: (09/19/2018 09:47:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WinDivert1.2 zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.
Error: (09/19/2018 09:47:10 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (09/19/2018 09:47:06 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (09/19/2018 09:47:05 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (09/19/2018 09:47:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.
Cesta k modulu: C:\Windows\system32\athExt.dll
Kód chyby: 126
Windows Defender:
===================================
Date: 2018-09-06 11:08:41.156
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{AE98B6B0-B283-436D-B583-8F2BFBCEDAF1}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2018-09-06 11:08:37.365
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{7078D724-96C6-46FD-A887-ACE1D1591977}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2018-09-06 11:07:54.903
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{3B58ABC9-4977-4189-B41B-3D214B4BA97C}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
CodeIntegrity:
===================================
Date: 2018-09-16 11:45:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.668
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.668
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.668
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.652
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
Date: 2018-09-16 11:45:25.637
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\WinRAR\sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X3 460 Processor
Percentage of memory in use: 17%
Total physical RAM: 8154.46 MB
Available physical RAM: 6702.94 MB
Total Virtual: 16307.11 MB
Available Virtual: 14779.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.32 GB) (Free:19.27 GB) NTFS
Drive d: () (Fixed) (Total:358.34 GB) (Free:332.83 GB) NTFS
\\?\Volume{3ccbebad-1674-11e4-ba11-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A4C80B1C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=358.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================