LOG:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2019
Ran by maja (administrator) on MAJA-PC (ASUSTeK COMPUTER INC. 1025C) (21-12-2019 20:53:51)
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\CapsHook\CapsHook.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc. -> AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\Asus\SHE\SuperHybridEngine.exe
(ASUSTeK Computer Inc. -> AsusTek Computer Inc.) C:\Program Files\Asus\USBChargeSetting\iSeriesCharge.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\avast software\overseer\overseer.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Panasonic Corporation -> Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinAgent.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-12-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-11-10] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [112632 2010-10-12] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [218448 2010-10-20] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] (VideACE Technology Co. -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520 2011-09-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1813800 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [3331312 2012-01-05] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software -> AVAST Software)
HKLM\...\Run: [iSeriesCharge] => C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [99792 2012-06-28] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [File not signed]
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-06-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk [2012-06-19]
ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation -> Panasonic Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {20C6F29C-6775-48F4-92AC-CE7B1F5E9136} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {849DEB90-FE9E-431D-A87B-D37375950FF9} - System32\Tasks\{D4D9D4B7-8E7C-424B-90CB-E18EA14828C7} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {AFE1D72C-6B24-4D1D-9927-FEAFEB2921F7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2736056 2018-08-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {BA28B958-0B12-4DD4-A9AB-8AD07F128258} - System32\Tasks\{C43DE92B-354B-4856-BE42-D11A724BCF31} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {EBEEC802-4B42-4A82-BDC6-9D7212346996} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F8F5F944-72BC-4E79-A7E1-1F4A9424DDC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1455456 2017-12-06] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B4FF6E6-1428-4111-A16E-2BF526659DB9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A18BAFC2-B3D5-4792-BE2B-3CA83C1C94B3}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E3B31B79-9E60-4487-87D9-B541BB568345}: [DhcpNameServer] 192.168.1.1 10.24.0.23
Internet Explorer:
==================
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2012-01-05] [Legacy] [not signed]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/dynamicNewTab.html"
CHR Notifications: Default -> hxxp://youzeek.com; hxxps://www.youtube.com
CHR Profile: C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (avast! WebRep) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-04-14]
CHR Extension: (EasyPDFCombine) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2019-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-01]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [196320 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-12-01] (ASUSTeK Computer Inc. -> ASUS)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-09] (ASUSTeK Computer Inc. -> )
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software -> AVAST Software)
S3 DCDhcpService; C:\Program Files\WiSharing\DCDhcpService.exe [108544 2011-09-16] (Atheros Communication Inc.) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [161104 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] (VideACE Technology Co. -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiDriver; C:\windows\System32\DRIVERS\AiDriver.sys [14720 2012-05-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] (ASUSTeK Computer Inc. -> )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software -> AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] (AVAST Software -> )
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software -> AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] (AVAST Software -> )
R3 athr; C:\windows\System32\DRIVERS\athr.sys [2205696 2011-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 DETECT PS2: ; C:\Program Files\ASUS\LiveUpdate\DetectSys.sys [6144 2010-05-26] (ELAN Microelectronic Corp.) [File not signed]
S3 dsNcAdpt; C:\windows\System32\DRIVERS\dsNcAdpt.sys [27648 2014-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Juniper Networks)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [118568 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] (ASUSTeK Computer Inc. -> )
R1 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [80464 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [189520 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [64080 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [92112 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 20:53 - 2019-12-21 21:02 - 000022104 _____ C:\Users\maja\Desktop\FRST.txt
2019-12-21 20:51 - 2019-12-21 21:00 - 000000000 ____D C:\FRST
2019-12-21 19:57 - 2019-12-21 20:04 - 001992192 _____ (Farbar) C:\Users\maja\Desktop\FRST.exe
2019-12-11 20:19 - 2019-12-11 20:21 - 000000000 ____D C:\windows\rescache
2019-12-11 13:28 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-12-11 13:22 - 2019-12-06 02:40 - 000472064 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2019-12-11 13:22 - 2019-11-28 04:33 - 000069048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-11 13:22 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000138192 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:22 - 2019-11-28 04:31 - 001316424 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-11 13:22 - 2019-11-28 04:29 - 000307200 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-11 13:22 - 2019-11-28 04:02 - 002407424 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-11 13:22 - 2019-11-26 21:22 - 000532192 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-12-11 13:22 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-11 13:22 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-11 13:22 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-11 13:22 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-11 13:22 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-11 13:22 - 2019-11-19 08:43 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:22 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-11 13:22 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-11 13:22 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-11 13:22 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-11 13:22 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-11 13:22 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-11 13:22 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-11 13:22 - 2019-11-15 03:13 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:22 - 2019-11-15 03:13 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:22 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2019-12-11 13:22 - 2019-11-15 02:55 - 000258048 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2019-12-11 13:22 - 2019-11-05 22:27 - 000137144 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-11 13:22 - 2019-10-26 01:17 - 001465344 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000812544 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000171008 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-11 13:21 - 2019-11-28 04:04 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-11 13:21 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-11 13:21 - 2019-11-28 04:02 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-11 13:21 - 2019-11-28 03:59 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000314880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:21 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-11 13:21 - 2019-11-19 09:11 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-11 13:21 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-11 13:21 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-11 13:21 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-11 13:21 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-11 13:21 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-11 13:21 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-11 13:21 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-11 13:21 - 2019-11-19 08:49 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-11 13:21 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-11 13:21 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-11 13:21 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:21 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-11 13:21 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-11 13:21 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-11 13:21 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-11 13:21 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-11 13:21 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-12-11 13:21 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 20:03 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-21 20:03 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-21 19:27 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-12-18 21:13 - 2018-01-09 20:44 - 000004174 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-12-18 09:31 - 2011-02-16 18:02 - 000693138 _____ C:\windows\system32\perfh005.dat
2019-12-18 09:31 - 2011-02-16 18:02 - 000149892 _____ C:\windows\system32\perfc005.dat
2019-12-18 09:31 - 2009-07-27 11:11 - 001641976 _____ C:\windows\system32\PerfStringBackup.INI
2019-12-18 09:31 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-12-14 17:06 - 2019-05-11 13:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Spotify
2019-12-14 09:10 - 2019-05-11 13:40 - 000000000 ____D C:\Users\maja\AppData\Local\Spotify
2019-12-14 00:32 - 2012-06-18 18:38 - 000003376 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 00:32 - 2012-06-18 18:38 - 000003248 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 18:34 - 2009-07-14 05:33 - 000357096 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-11 17:06 - 2013-09-18 14:21 - 000000000 ____D C:\windows\system32\MRT
2019-12-11 16:49 - 2012-06-19 20:53 - 126061744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-12-02 20:37 - 2009-07-14 05:53 - 000032584 _____ C:\windows\Tasks\SCHEDLGU.TXT
2019-12-01 11:04 - 2012-06-18 18:37 - 000000000 ____D C:\Program Files\Google
2019-11-29 00:45 - 2019-07-28 11:03 - 000000000 ____D C:\Users\maja\AppData\Roaming\vlc
2019-11-21 22:31 - 2012-06-18 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-21 22:30 - 2012-06-18 18:39 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-21 22:30 - 2012-06-18 18:39 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
==================== Files in the root of some directories ========
2012-07-13 20:47 - 2012-08-01 18:15 - 000004608 _____ () C:\Users\maja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-09 01:19
==================== End of FRST.txt ========================
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2019
Ran by maja (21-12-2019 21:08:06)
Running from C:\Users\maja\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-06-18 17:14:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3898336196-934405070-3867738441-500 - Administrator - Disabled)
Guest (S-1-5-21-3898336196-934405070-3867738441-501 - Limited - Disabled)
maja (S-1-5-21-3898336196-934405070-3867738441-1000 - Administrator - Enabled) => C:\Users\maja
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: avast! Antivirus (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Trend Micro Titanium (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.06.03 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.10.5 (HKLM\...\Eee Docking_is1) (Version: 3.10.5 - ASUSTek Computer Inc.)
ETDWare PS/2-X86 8.0.5.2_WHQL (HKLM\...\Elantech) (Version: 8.0.5.2 - ELAN Microelectronic Corp.)
ExpressGateCloud (HKLM\...\{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.) Hidden
ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.)
FontResizer (HKLM\...\{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (HKLM\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.45 - AsusTek Computer Inc.)
InstantOn for EPC (HKLM\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.6 - ASUS)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1064 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Juniper_Setup_Client) (Version: 8.0.6.48695 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.30 - AsusTek Computer Inc.)
Media Sharing (HKLM\...\{9042F9FE-43CB-4ACF-9978-F62235127F90}) (Version: 0.65.6 - ASUS)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.20 - AsusTek Computer)
Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium (HKLM\...\{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.00 - Trend Micro Inc.) Hidden
USBCharge+ (HKLM\...\{8165EFD2-0EB8-4C4F-A0E4-0E641B117ED2}) (Version: 1.0.0.23 - AsusTek Computer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WiSharing (HKLM\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 1.1.0.7 - AzureWave)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll => No File
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2010-04-01 03:55 - 2010-04-01 03:55 - 000221184 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2009-03-02 03:08 - 2009-03-02 03:08 - 000003584 _____ () [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.PropSheetExtensionHelper.dll
2014-09-30 17:56 - 2014-09-30 08:42 - 002870272 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\defs\14093000\algo.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000057344 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000049152 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-06-18 18:17 - 2011-09-28 01:13 - 000086528 _____ (Atheros Communications, Inc.) [File not signed] C:\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-06-18 18:17 - 2011-09-28 01:12 - 000216064 _____ (Atheros Communications, Inc.) [File not signed] c:\program files\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2012-06-19 19:16 - 2012-06-19 19:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-06-19 19:59 - 2012-06-19 19:59 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 001169408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 000265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CB69B178-1ACD-4FD2-BF62-3932A684B8D1}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35A57417-DEC3-413E-BA43-17C5FD5E840A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16538B9D-30D8-4110-B54A-CF7556319E23}] => (Allow) LPort=2869
FirewallRules: [{8CF4790F-48D8-4218-BDD0-C7EA96D5D961}] => (Allow) LPort=1900
FirewallRules: [{D3680A79-9481-4F71-93E2-6BD69083E228}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FE5DF69-72D2-411F-9320-3FED7A080864}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93C0EB7B-9BE6-46E4-94D6-4E91C7C6CFF6}] => (Allow) C:\Program Files\WiSharing\P2PUIMain.exe (Atheros Communication) [File not signed]
FirewallRules: [{2D046336-F76C-43A3-B6E9-6482BF283F4D}] => (Allow) C:\Program Files\WiSharing\DCDhcpService.exe (Atheros Communication Inc.) [File not signed]
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{FF67B783-CA8D-4E97-8040-E9008AF7F9B0}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{80876312-8FEA-44E4-A33E-AB86168D5D00}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FDA9B4B-79BD-476C-B97B-D4FC0E50A434}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
15-12-2019 20:03:12 Naplánovaný kontrolní bod
21-12-2019 20:10:23 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/14/2019 05:22:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: InsOnSrv.exe, verze: 2.1.7.1, časové razítko: 0x4ed5f236
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x7c
Čas spuštění chybující aplikace: 0x01d5b25551464099
Cesta k chybující aplikaci: C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: da5460e1-1e8d-11ea-a882-c86000283925
Error: (12/14/2019 09:33:46 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/13/2019 11:47:26 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/12/2019 03:25:21 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/11/2019 01:52:32 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/10/2019 12:13:50 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/09/2019 03:29:32 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/08/2019 05:16:16 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
System errors:
=============
Error: (12/21/2019 08:59:38 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/21/2019 08:30:45 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/21/2019 07:59:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/21/2019 07:29:57 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.
Error: (12/21/2019 07:29:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.
Error: (12/21/2019 07:28:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/21/2019 07:28:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/21/2019 07:28:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Windows Defender:
===================================
Date: 2019-09-22 18:17:39.816
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0BC08668-2D95-4A0F-AC1F-9EDD4D612744}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
CodeIntegrity:
===================================
Date: 2015-04-13 20:27:28.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1025C.0701 01/06/2012
Motherboard: ASUSTeK COMPUTER INC. 1025C
Processor: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
Percentage of memory in use: 88%
Total physical RAM: 1011.94 MB
Available physical RAM: 113.5 MB
Total Virtual: 2589.34 MB
Available Virtual: 293.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:38.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:140.99 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A8D6F410)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
Dobrý den , děkuji, zde je log
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-27-2019
# Duration: 00:04:08
# OS: Windows 7 Starter
# Cleaned: 20
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Premium
Deleted C:\Users\maja\AppData\Roaming\OpenCandy
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Conduit
***** [ Chromium (and derivatives) ] *****
Deleted EasyPDFCombine
Deleted EasyPDFCombine
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSInstantOn Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files\ASUS\LIVEUPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LIVEUPDATE
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Deleted Preinstalled.ASUSUpdateChecker Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}
Deleted Preinstalled.ASUSVibe Folder C:\Program Files\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Deleted Preinstalled.VAIOSmartNetwork Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21DD6041-7251-40FA-9D06-C5EB30268E0F}
Not Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files\ASUS\ASUS WEBSTORAGE
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3127 octets] - [27/12/2019 22:01:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-27-2019
# Duration: 00:04:08
# OS: Windows 7 Starter
# Cleaned: 20
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Premium
Deleted C:\Users\maja\AppData\Roaming\OpenCandy
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Conduit
***** [ Chromium (and derivatives) ] *****
Deleted EasyPDFCombine
Deleted EasyPDFCombine
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSInstantOn Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files\ASUS\LIVEUPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LIVEUPDATE
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Deleted Preinstalled.ASUSUpdateChecker Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}
Deleted Preinstalled.ASUSVibe Folder C:\Program Files\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Deleted Preinstalled.VAIOSmartNetwork Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21DD6041-7251-40FA-9D06-C5EB30268E0F}
Not Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files\ASUS\ASUS WEBSTORAGE
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3127 octets] - [27/12/2019 22:01:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu logu
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-12-2019
Ran by maja (28-12-2019 22:54:53)
Running from C:\Users\maja\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-06-18 17:14:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3898336196-934405070-3867738441-500 - Administrator - Disabled)
Guest (S-1-5-21-3898336196-934405070-3867738441-501 - Limited - Disabled)
maja (S-1-5-21-3898336196-934405070-3867738441-1000 - Administrator - Enabled) => C:\Users\maja
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: avast! Antivirus (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Trend Micro Titanium (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Avira (HKLM\...\{4e6a365c-99da-4552-bea4-b13f55457be4}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{93A3C9E9-C927-43EC-B42F-29C3B5670A2E}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.29.2.24183 - Avira Operations GmbH & Co. KG)
Avira Privacy Pal (HKLM\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.1.0.1934 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM\...\{D72D7C97-7AEC-43E0-A8CF-B23F27422FE0}) (Version: 2.0.6.22870 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 6.3.1.10826 - Avira Operations GmbH & Co. KG)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.10.5 (HKLM\...\Eee Docking_is1) (Version: 3.10.5 - ASUSTek Computer Inc.)
ETDWare PS/2-X86 8.0.5.2_WHQL (HKLM\...\Elantech) (Version: 8.0.5.2 - ELAN Microelectronic Corp.)
ExpressGateCloud (HKLM\...\{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.) Hidden
ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.)
FontResizer (HKLM\...\{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (HKLM\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.45 - AsusTek Computer Inc.)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1064 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Juniper_Setup_Client) (Version: 8.0.6.48695 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.30 - AsusTek Computer Inc.)
Media Sharing (HKLM\...\{9042F9FE-43CB-4ACF-9978-F62235127F90}) (Version: 0.65.6 - ASUS)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.20 - AsusTek Computer)
Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium (HKLM\...\{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.00 - Trend Micro Inc.) Hidden
USBCharge+ (HKLM\...\{8165EFD2-0EB8-4C4F-A0E4-0E641B117ED2}) (Version: 1.0.0.23 - AsusTek Computer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll => No File
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2014-09-30 17:56 - 2014-09-30 08:42 - 002870272 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\defs\14093000\algo.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000057344 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000049152 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-06-18 18:17 - 2011-09-28 01:13 - 000086528 _____ (Atheros Communications, Inc.) [File not signed] C:\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-06-18 18:17 - 2011-09-28 01:12 - 000216064 _____ (Atheros Communications, Inc.) [File not signed] c:\program files\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2012-06-19 19:16 - 2012-06-19 19:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-06-19 19:59 - 2012-06-19 19:59 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2019-12-24 12:52 - 2019-12-24 12:52 - 000880128 _____ (ServiceStack) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\b3bd16df7e27cd6d87053c670a1b0eaa\ServiceStack.Text.ni.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 001169408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 000265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CB69B178-1ACD-4FD2-BF62-3932A684B8D1}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35A57417-DEC3-413E-BA43-17C5FD5E840A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16538B9D-30D8-4110-B54A-CF7556319E23}] => (Allow) LPort=2869
FirewallRules: [{8CF4790F-48D8-4218-BDD0-C7EA96D5D961}] => (Allow) LPort=1900
FirewallRules: [{D3680A79-9481-4F71-93E2-6BD69083E228}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FE5DF69-72D2-411F-9320-3FED7A080864}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93C0EB7B-9BE6-46E4-94D6-4E91C7C6CFF6}] => (Allow) C:\Program Files\WiSharing\P2PUIMain.exe (Atheros Communication) [File not signed]
FirewallRules: [{2D046336-F76C-43A3-B6E9-6482BF283F4D}] => (Allow) C:\Program Files\WiSharing\DCDhcpService.exe (Atheros Communication Inc.) [File not signed]
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{FF67B783-CA8D-4E97-8040-E9008AF7F9B0}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{80876312-8FEA-44E4-A33E-AB86168D5D00}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1633478E-02D4-4D09-85AF-57E89F5E3EAA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9A91A0B-9FC5-4E88-B0EC-345EE0E9004C}] => (Block) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E9E9C68B-84A9-4505-9488-C7DA0A98666E}] => (Allow) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{B00F4D6F-F8A6-4810-9EBA-2C916FE30FBE}] => (Allow) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
21-12-2019 20:10:23 Windows Update
24-12-2019 12:42:19 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/28/2019 10:52:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.3.1.10826, časové razítko: 0x5dfbb212
Název chybujícího modulu: clr.dll, verze: 4.7.3468.0, časové razítko: 0x5d490e65
Kód výjimky: 0xc0000409
Posun chyby: 0x002f8fd9
ID chybujícího procesu: 0x15a8
Čas spuštění chybující aplikace: 0x01d5bdc8e59d90f0
Cesta k chybující aplikaci: C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 560a3268-29bc-11ea-8bef-c86000283925
Error: (12/27/2019 10:22:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\maja\Desktop\adwcleaner_8.0.1.exe ; Popis = AdwCleaner_BeforeCleaning_27/12/2019_22:03:02; Chyba = 0x81000101).
Error: (12/27/2019 10:03:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {b2b5ddb7-580c-4040-8198-cfb1b77f5d35}
Error: (12/27/2019 09:51:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.3.1.10826, časové razítko: 0x5dfbb212
Název chybujícího modulu: clr.dll, verze: 4.7.3468.0, časové razítko: 0x5d490e65
Kód výjimky: 0xc0000409
Posun chyby: 0x002f8fd9
ID chybujícího procesu: 0x13fc
Čas spuštění chybující aplikace: 0x01d5bcf75909f14d
Cesta k chybující aplikaci: C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: ae702a7b-28ea-11ea-8bc5-c86000283925
Error: (12/24/2019 12:02:22 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/21/2019 09:24:00 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/14/2019 05:22:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: InsOnSrv.exe, verze: 2.1.7.1, časové razítko: 0x4ed5f236
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x7c
Čas spuštění chybující aplikace: 0x01d5b25551464099
Cesta k chybující aplikaci: C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: da5460e1-1e8d-11ea-a882-c86000283925
Error: (12/14/2019 09:33:46 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
System errors:
=============
Error: (12/28/2019 10:39:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/28/2019 10:22:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.
Error: (12/28/2019 10:18:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2019 10:16:58 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.
Error: (12/28/2019 10:16:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/28/2019 10:16:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2019 10:15:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Error: (12/28/2019 10:11:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Service Host bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2019-09-22 18:17:39.816
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0BC08668-2D95-4A0F-AC1F-9EDD4D612744}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
CodeIntegrity:
===================================
Date: 2015-04-13 20:27:28.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1025C.0701 01/06/2012
Motherboard: ASUSTeK COMPUTER INC. 1025C
Processor: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
Percentage of memory in use: 91%
Total physical RAM: 1011.94 MB
Available physical RAM: 89.81 MB
Total Virtual: 2555.27 MB
Available Virtual: 240.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:34.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:140.99 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A8D6F410)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)
==================== End of Addition.txt =======================
Ran by maja (28-12-2019 22:54:53)
Running from C:\Users\maja\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-06-18 17:14:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3898336196-934405070-3867738441-500 - Administrator - Disabled)
Guest (S-1-5-21-3898336196-934405070-3867738441-501 - Limited - Disabled)
maja (S-1-5-21-3898336196-934405070-3867738441-1000 - Administrator - Enabled) => C:\Users\maja
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: avast! Antivirus (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Trend Micro Titanium (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Avira (HKLM\...\{4e6a365c-99da-4552-bea4-b13f55457be4}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{93A3C9E9-C927-43EC-B42F-29C3B5670A2E}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.29.2.24183 - Avira Operations GmbH & Co. KG)
Avira Privacy Pal (HKLM\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.1.0.1934 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM\...\{D72D7C97-7AEC-43E0-A8CF-B23F27422FE0}) (Version: 2.0.6.22870 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 6.3.1.10826 - Avira Operations GmbH & Co. KG)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.10.5 (HKLM\...\Eee Docking_is1) (Version: 3.10.5 - ASUSTek Computer Inc.)
ETDWare PS/2-X86 8.0.5.2_WHQL (HKLM\...\Elantech) (Version: 8.0.5.2 - ELAN Microelectronic Corp.)
ExpressGateCloud (HKLM\...\{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.) Hidden
ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.)
FontResizer (HKLM\...\{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (HKLM\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.45 - AsusTek Computer Inc.)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1064 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Juniper_Setup_Client) (Version: 8.0.6.48695 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.30 - AsusTek Computer Inc.)
Media Sharing (HKLM\...\{9042F9FE-43CB-4ACF-9978-F62235127F90}) (Version: 0.65.6 - ASUS)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.20 - AsusTek Computer)
Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium (HKLM\...\{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.00 - Trend Micro Inc.) Hidden
USBCharge+ (HKLM\...\{8165EFD2-0EB8-4C4F-A0E4-0E641B117ED2}) (Version: 1.0.0.23 - AsusTek Computer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll => No File
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2014-09-30 17:56 - 2014-09-30 08:42 - 002870272 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\defs\14093000\algo.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000057344 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000049152 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-06-18 18:17 - 2011-09-28 01:13 - 000086528 _____ (Atheros Communications, Inc.) [File not signed] C:\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-06-18 18:17 - 2011-09-28 01:12 - 000216064 _____ (Atheros Communications, Inc.) [File not signed] c:\program files\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2012-06-19 19:16 - 2012-06-19 19:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-06-19 19:59 - 2012-06-19 19:59 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2019-12-24 12:52 - 2019-12-24 12:52 - 000880128 _____ (ServiceStack) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\b3bd16df7e27cd6d87053c670a1b0eaa\ServiceStack.Text.ni.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 001169408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 000265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CB69B178-1ACD-4FD2-BF62-3932A684B8D1}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35A57417-DEC3-413E-BA43-17C5FD5E840A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16538B9D-30D8-4110-B54A-CF7556319E23}] => (Allow) LPort=2869
FirewallRules: [{8CF4790F-48D8-4218-BDD0-C7EA96D5D961}] => (Allow) LPort=1900
FirewallRules: [{D3680A79-9481-4F71-93E2-6BD69083E228}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FE5DF69-72D2-411F-9320-3FED7A080864}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93C0EB7B-9BE6-46E4-94D6-4E91C7C6CFF6}] => (Allow) C:\Program Files\WiSharing\P2PUIMain.exe (Atheros Communication) [File not signed]
FirewallRules: [{2D046336-F76C-43A3-B6E9-6482BF283F4D}] => (Allow) C:\Program Files\WiSharing\DCDhcpService.exe (Atheros Communication Inc.) [File not signed]
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{FF67B783-CA8D-4E97-8040-E9008AF7F9B0}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{80876312-8FEA-44E4-A33E-AB86168D5D00}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1633478E-02D4-4D09-85AF-57E89F5E3EAA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9A91A0B-9FC5-4E88-B0EC-345EE0E9004C}] => (Block) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E9E9C68B-84A9-4505-9488-C7DA0A98666E}] => (Allow) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{B00F4D6F-F8A6-4810-9EBA-2C916FE30FBE}] => (Allow) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
21-12-2019 20:10:23 Windows Update
24-12-2019 12:42:19 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/28/2019 10:52:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.3.1.10826, časové razítko: 0x5dfbb212
Název chybujícího modulu: clr.dll, verze: 4.7.3468.0, časové razítko: 0x5d490e65
Kód výjimky: 0xc0000409
Posun chyby: 0x002f8fd9
ID chybujícího procesu: 0x15a8
Čas spuštění chybující aplikace: 0x01d5bdc8e59d90f0
Cesta k chybující aplikaci: C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 560a3268-29bc-11ea-8bef-c86000283925
Error: (12/27/2019 10:22:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\maja\Desktop\adwcleaner_8.0.1.exe ; Popis = AdwCleaner_BeforeCleaning_27/12/2019_22:03:02; Chyba = 0x81000101).
Error: (12/27/2019 10:03:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {b2b5ddb7-580c-4040-8198-cfb1b77f5d35}
Error: (12/27/2019 09:51:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.3.1.10826, časové razítko: 0x5dfbb212
Název chybujícího modulu: clr.dll, verze: 4.7.3468.0, časové razítko: 0x5d490e65
Kód výjimky: 0xc0000409
Posun chyby: 0x002f8fd9
ID chybujícího procesu: 0x13fc
Čas spuštění chybující aplikace: 0x01d5bcf75909f14d
Cesta k chybující aplikaci: C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: ae702a7b-28ea-11ea-8bc5-c86000283925
Error: (12/24/2019 12:02:22 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/21/2019 09:24:00 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (12/14/2019 05:22:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: InsOnSrv.exe, verze: 2.1.7.1, časové razítko: 0x4ed5f236
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x7c
Čas spuštění chybující aplikace: 0x01d5b25551464099
Cesta k chybující aplikaci: C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: da5460e1-1e8d-11ea-a882-c86000283925
Error: (12/14/2019 09:33:46 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
System errors:
=============
Error: (12/28/2019 10:39:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (12/28/2019 10:22:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.
Error: (12/28/2019 10:18:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2019 10:16:58 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.
Error: (12/28/2019 10:16:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/28/2019 10:16:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2019 10:15:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Error: (12/28/2019 10:11:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Service Host bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2019-09-22 18:17:39.816
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0BC08668-2D95-4A0F-AC1F-9EDD4D612744}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
CodeIntegrity:
===================================
Date: 2015-04-13 20:27:28.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1025C.0701 01/06/2012
Motherboard: ASUSTeK COMPUTER INC. 1025C
Processor: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
Percentage of memory in use: 91%
Total physical RAM: 1011.94 MB
Available physical RAM: 89.81 MB
Total Virtual: 2555.27 MB
Available Virtual: 240.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:34.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:140.99 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A8D6F410)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)
==================== End of Addition.txt =======================
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-12-2019
Ran by maja (administrator) on MAJA-PC (ASUSTeK COMPUTER INC. 1025C) (28-12-2019 22:28:59)
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnWMI.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTel\diagtrackrunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sipnotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Panasonic Corporation -> Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinAgent.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-12-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [112632 2010-10-12] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [218448 2010-10-20] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] (VideACE Technology Co. -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520 2011-09-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1813800 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software -> AVAST Software)
HKLM\...\Run: [iSeriesCharge] => C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [99792 2012-06-28] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [File not signed]
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [228120 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup User Starter] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330008 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-06-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk [2012-06-19]
ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation -> Panasonic Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09CBE58F-7236-4B7D-9261-B4B0F4821A46} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27855480 2019-12-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {20C6F29C-6775-48F4-92AC-CE7B1F5E9136} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {849DEB90-FE9E-431D-A87B-D37375950FF9} - System32\Tasks\{D4D9D4B7-8E7C-424B-90CB-E18EA14828C7} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {AFE1D72C-6B24-4D1D-9927-FEAFEB2921F7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2736056 2018-08-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {BA28B958-0B12-4DD4-A9AB-8AD07F128258} - System32\Tasks\{C43DE92B-354B-4856-BE42-D11A724BCF31} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {EBEEC802-4B42-4A82-BDC6-9D7212346996} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F8F5F944-72BC-4E79-A7E1-1F4A9424DDC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1455456 2017-12-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {FEE42346-ACBD-489F-9ADE-00B031BD207B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B4FF6E6-1428-4111-A16E-2BF526659DB9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A18BAFC2-B3D5-4792-BE2B-3CA83C1C94B3}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E3B31B79-9E60-4487-87D9-B541BB568345}: [DhcpNameServer] 192.168.1.1 10.24.0.23
Internet Explorer:
==================
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
FireFox:
========
FF ProfilePath: C:\Users\maja\AppData\Roaming\Mozilla\Firefox\Profiles\2KeyyKzg.default [2019-12-24]
FF Extension: (Avira Password Manager) - C:\Users\maja\AppData\Roaming\Mozilla\Firefox\Profiles\2KeyyKzg.default\Extensions\passwordmanager@avira.com [2019-12-24]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2012-01-05] [Legacy] [not signed]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Notifications: Default -> hxxp://youzeek.com; hxxps://www.youtube.com
CHR Profile: C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default [2019-12-28]
CHR Extension: (Avira Safe Shopping) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2019-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (avast! WebRep) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-04-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-27]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [196320 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1210168 2019-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [567872 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-12-01] (ASUSTeK Computer Inc. -> ASUS)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-09] (ASUSTeK Computer Inc. -> )
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software -> AVAST Software)
S2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [612944 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989536 2019-12-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [381424 2019-12-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraUpdaterService; C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [146224 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DCDhcpService; C:\Program Files\WiSharing\DCDhcpService.exe [108544 2011-09-16] (Atheros Communication Inc.) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [161104 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] (VideACE Technology Co. -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiDriver; C:\windows\System32\DRIVERS\AiDriver.sys [14720 2012-05-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] (ASUSTeK Computer Inc. -> )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software -> AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] (AVAST Software -> )
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software -> AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] (AVAST Software -> )
R3 athr; C:\windows\System32\DRIVERS\athr.sys [2205696 2011-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [156160 2019-12-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [171568 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36688 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [60360 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [33280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dsNcAdpt; C:\windows\System32\DRIVERS\dsNcAdpt.sys [27648 2014-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Juniper Networks)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [118568 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [31032 2019-12-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [80464 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [189520 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [64080 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [92112 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 DETECT PS2: ; \??\C:\Program Files\ASUS\LiveUpdate\DetectSys.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-28 22:28 - 2019-12-28 22:28 - 000000000 ____D C:\Users\maja\Desktop\FRST-OlderVersion
2019-12-27 22:27 - 2019-12-27 22:27 - 000000000 ____D C:\Users\maja\AppData\Local\Avira
2019-12-27 21:54 - 2019-12-27 22:22 - 000000000 ____D C:\AdwCleaner
2019-12-27 21:49 - 2019-12-27 21:49 - 008237744 _____ (Malwarebytes) C:\Users\maja\Desktop\adwcleaner_8.0.1.exe
2019-12-27 21:40 - 2019-12-27 21:40 - 000000000 ____D C:\windows\system32\Tasks\Avira
2019-12-27 21:32 - 2019-12-27 21:32 - 020799544 _____ (Adobe) C:\windows\system32\FlashPlayerInstaller.exe
2019-12-24 14:11 - 2019-12-24 14:11 - 000000000 ____D C:\windows\system32\GPUCache
2019-12-24 14:10 - 2019-12-24 14:10 - 000000000 ____D C:\Users\maja\AppData\Local\CEF
2019-12-24 13:07 - 2019-12-24 13:07 - 000003268 _____ C:\windows\system32\Tasks\Avira_Antivirus_Systray
2019-12-24 13:07 - 2019-12-24 13:07 - 000000000 ____H C:\windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2019-12-24 13:03 - 2019-03-20 18:50 - 000033280 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2019-12-24 13:02 - 2019-12-02 10:26 - 000156160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2019-12-24 13:02 - 2019-09-19 09:07 - 000171568 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2019-12-24 13:02 - 2019-06-07 14:09 - 000050728 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avdevprot.sys
2019-12-24 13:02 - 2019-03-20 18:50 - 000060360 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2019-12-24 13:02 - 2019-03-20 18:50 - 000036688 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2019-12-24 12:54 - 2019-12-24 12:56 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2019-12-24 12:46 - 2019-12-24 12:46 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-12-24 12:45 - 2019-12-24 12:45 - 000003664 _____ C:\windows\system32\Tasks\AviraSystemSpeedupUpdate
2019-12-24 12:39 - 2019-12-24 12:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Mozilla
2019-12-24 12:38 - 2019-12-24 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-12-24 12:38 - 2019-12-24 12:57 - 000000000 ____D C:\Program Files\Avira
2019-12-24 12:38 - 2019-12-24 12:38 - 000001146 _____ C:\Users\Public\Desktop\Avira.lnk
2019-12-24 12:38 - 2019-12-24 12:38 - 000001146 _____ C:\ProgramData\Desktop\Avira.lnk
2019-12-24 12:37 - 2019-12-24 12:57 - 000000000 ____D C:\ProgramData\Avira
2019-12-24 12:37 - 2019-12-24 12:37 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-21 21:48 - 2019-12-21 21:48 - 000143208 _____ C:\windows\Minidump\122119-64241-01.dmp
2019-12-21 21:42 - 2019-12-21 21:48 - 000000000 ____D C:\windows\Minidump
2019-12-21 21:42 - 2019-12-21 21:42 - 000143208 _____ C:\windows\Minidump\122119-55349-01.dmp
2019-12-21 21:08 - 2019-12-21 21:16 - 000026598 _____ C:\Users\maja\Desktop\Addition.txt
2019-12-21 20:53 - 2019-12-28 22:38 - 000025260 _____ C:\Users\maja\Desktop\FRST.txt
2019-12-21 20:51 - 2019-12-28 22:35 - 000000000 ____D C:\FRST
2019-12-21 19:57 - 2019-12-28 22:28 - 002000896 _____ (Farbar) C:\Users\maja\Desktop\FRST.exe
2019-12-11 20:19 - 2019-12-11 20:21 - 000000000 ____D C:\windows\rescache
2019-12-11 13:28 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-12-11 13:22 - 2019-12-06 02:40 - 000472064 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2019-12-11 13:22 - 2019-11-28 04:33 - 000069048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-11 13:22 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000138192 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:22 - 2019-11-28 04:31 - 001316424 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-11 13:22 - 2019-11-28 04:29 - 000307200 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-11 13:22 - 2019-11-28 04:02 - 002407424 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-11 13:22 - 2019-11-26 21:22 - 000532192 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-12-11 13:22 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-11 13:22 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-11 13:22 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-11 13:22 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-11 13:22 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-11 13:22 - 2019-11-19 08:43 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:22 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-11 13:22 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-11 13:22 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-11 13:22 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-11 13:22 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-11 13:22 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-11 13:22 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-11 13:22 - 2019-11-15 03:13 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:22 - 2019-11-15 03:13 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:22 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2019-12-11 13:22 - 2019-11-15 02:55 - 000258048 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2019-12-11 13:22 - 2019-11-05 22:27 - 000137144 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-11 13:22 - 2019-10-26 01:17 - 001465344 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000812544 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000171008 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-11 13:21 - 2019-11-28 04:04 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-11 13:21 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-11 13:21 - 2019-11-28 04:02 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-11 13:21 - 2019-11-28 03:59 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000314880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:21 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-11 13:21 - 2019-11-19 09:11 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-11 13:21 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-11 13:21 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-11 13:21 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-11 13:21 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-11 13:21 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-11 13:21 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-11 13:21 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-11 13:21 - 2019-11-19 08:49 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-11 13:21 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-11 13:21 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-11 13:21 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:21 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-11 13:21 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-11 13:21 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-11 13:21 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-11 13:21 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-11 13:21 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-12-11 13:21 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2019-12-04 13:25 - 2019-12-04 13:25 - 000031032 _____ (The OpenVPN Project) C:\windows\system32\Drivers\phantomtap.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-28 22:23 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-28 22:23 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-28 22:08 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-12-27 22:52 - 2017-09-28 17:23 - 000001187 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-12-27 22:52 - 2017-09-28 17:23 - 000001187 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2019-12-27 22:52 - 2017-09-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-27 22:25 - 2012-01-05 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-12-27 22:25 - 2012-01-05 20:53 - 000000000 ____D C:\Program Files\Asus
2019-12-27 21:33 - 2012-01-05 20:56 - 000000000 ____D C:\windows\system32\Macromed
2019-12-27 21:24 - 2009-07-14 05:33 - 000357888 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-24 13:06 - 2012-06-18 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-24 13:06 - 2012-06-18 18:39 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-24 13:06 - 2012-06-18 18:39 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-24 12:51 - 2012-06-18 18:15 - 000088256 _____ C:\Users\maja\AppData\Local\GDIPFONTCACHEV1.DAT
2019-12-24 12:49 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-12-24 11:56 - 2019-05-11 13:40 - 000000000 ____D C:\Users\maja\AppData\Local\Spotify
2019-12-24 11:36 - 2019-05-11 13:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Spotify
2019-12-21 21:47 - 2013-07-22 20:40 - 424082409 _____ C:\windows\MEMORY.DMP
2019-12-18 21:13 - 2018-01-09 20:44 - 000004174 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-12-18 09:31 - 2011-02-16 18:02 - 000693138 _____ C:\windows\system32\perfh005.dat
2019-12-18 09:31 - 2011-02-16 18:02 - 000149892 _____ C:\windows\system32\perfc005.dat
2019-12-18 09:31 - 2009-07-27 11:11 - 001641976 _____ C:\windows\system32\PerfStringBackup.INI
2019-12-14 00:32 - 2012-06-18 18:38 - 000003376 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 00:32 - 2012-06-18 18:38 - 000003248 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 17:06 - 2013-09-18 14:21 - 000000000 ____D C:\windows\system32\MRT
2019-12-11 16:49 - 2012-06-19 20:53 - 126061744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-12-02 20:37 - 2009-07-14 05:53 - 000032584 _____ C:\windows\Tasks\SCHEDLGU.TXT
2019-12-01 11:04 - 2012-06-18 18:37 - 000000000 ____D C:\Program Files\Google
2019-11-29 00:45 - 2019-07-28 11:03 - 000000000 ____D C:\Users\maja\AppData\Roaming\vlc
==================== Files in the root of some directories ========
2012-07-13 20:47 - 2012-08-01 18:15 - 000004608 _____ () C:\Users\maja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-24 14:02
==================== End of FRST.txt ========================
Ran by maja (administrator) on MAJA-PC (ASUSTeK COMPUTER INC. 1025C) (28-12-2019 22:28:59)
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnWMI.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTel\diagtrackrunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sipnotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Panasonic Corporation -> Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinAgent.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-12-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [112632 2010-10-12] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [218448 2010-10-20] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] (VideACE Technology Co. -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520 2011-09-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1813800 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software -> AVAST Software)
HKLM\...\Run: [iSeriesCharge] => C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [99792 2012-06-28] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [File not signed]
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [228120 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup User Starter] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330008 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-06-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk [2012-06-19]
ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation -> Panasonic Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09CBE58F-7236-4B7D-9261-B4B0F4821A46} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27855480 2019-12-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {20C6F29C-6775-48F4-92AC-CE7B1F5E9136} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {849DEB90-FE9E-431D-A87B-D37375950FF9} - System32\Tasks\{D4D9D4B7-8E7C-424B-90CB-E18EA14828C7} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {AFE1D72C-6B24-4D1D-9927-FEAFEB2921F7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2736056 2018-08-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {BA28B958-0B12-4DD4-A9AB-8AD07F128258} - System32\Tasks\{C43DE92B-354B-4856-BE42-D11A724BCF31} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {EBEEC802-4B42-4A82-BDC6-9D7212346996} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F8F5F944-72BC-4E79-A7E1-1F4A9424DDC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1455456 2017-12-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {FEE42346-ACBD-489F-9ADE-00B031BD207B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B4FF6E6-1428-4111-A16E-2BF526659DB9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A18BAFC2-B3D5-4792-BE2B-3CA83C1C94B3}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E3B31B79-9E60-4487-87D9-B541BB568345}: [DhcpNameServer] 192.168.1.1 10.24.0.23
Internet Explorer:
==================
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
FireFox:
========
FF ProfilePath: C:\Users\maja\AppData\Roaming\Mozilla\Firefox\Profiles\2KeyyKzg.default [2019-12-24]
FF Extension: (Avira Password Manager) - C:\Users\maja\AppData\Roaming\Mozilla\Firefox\Profiles\2KeyyKzg.default\Extensions\passwordmanager@avira.com [2019-12-24]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2012-01-05] [Legacy] [not signed]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Notifications: Default -> hxxp://youzeek.com; hxxps://www.youtube.com
CHR Profile: C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default [2019-12-28]
CHR Extension: (Avira Safe Shopping) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2019-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (avast! WebRep) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-04-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-27]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [196320 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1210168 2019-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [567872 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-12-01] (ASUSTeK Computer Inc. -> ASUS)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-09] (ASUSTeK Computer Inc. -> )
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software -> AVAST Software)
S2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [612944 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989536 2019-12-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [381424 2019-12-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraUpdaterService; C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [146224 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DCDhcpService; C:\Program Files\WiSharing\DCDhcpService.exe [108544 2011-09-16] (Atheros Communication Inc.) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [161104 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] (VideACE Technology Co. -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiDriver; C:\windows\System32\DRIVERS\AiDriver.sys [14720 2012-05-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] (ASUSTeK Computer Inc. -> )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software -> AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] (AVAST Software -> )
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software -> AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] (AVAST Software -> )
R3 athr; C:\windows\System32\DRIVERS\athr.sys [2205696 2011-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [156160 2019-12-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [171568 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36688 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [60360 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [33280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dsNcAdpt; C:\windows\System32\DRIVERS\dsNcAdpt.sys [27648 2014-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Juniper Networks)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [118568 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [31032 2019-12-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [80464 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [189520 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [64080 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [92112 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 DETECT PS2: ; \??\C:\Program Files\ASUS\LiveUpdate\DetectSys.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-28 22:28 - 2019-12-28 22:28 - 000000000 ____D C:\Users\maja\Desktop\FRST-OlderVersion
2019-12-27 22:27 - 2019-12-27 22:27 - 000000000 ____D C:\Users\maja\AppData\Local\Avira
2019-12-27 21:54 - 2019-12-27 22:22 - 000000000 ____D C:\AdwCleaner
2019-12-27 21:49 - 2019-12-27 21:49 - 008237744 _____ (Malwarebytes) C:\Users\maja\Desktop\adwcleaner_8.0.1.exe
2019-12-27 21:40 - 2019-12-27 21:40 - 000000000 ____D C:\windows\system32\Tasks\Avira
2019-12-27 21:32 - 2019-12-27 21:32 - 020799544 _____ (Adobe) C:\windows\system32\FlashPlayerInstaller.exe
2019-12-24 14:11 - 2019-12-24 14:11 - 000000000 ____D C:\windows\system32\GPUCache
2019-12-24 14:10 - 2019-12-24 14:10 - 000000000 ____D C:\Users\maja\AppData\Local\CEF
2019-12-24 13:07 - 2019-12-24 13:07 - 000003268 _____ C:\windows\system32\Tasks\Avira_Antivirus_Systray
2019-12-24 13:07 - 2019-12-24 13:07 - 000000000 ____H C:\windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2019-12-24 13:03 - 2019-03-20 18:50 - 000033280 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2019-12-24 13:02 - 2019-12-02 10:26 - 000156160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2019-12-24 13:02 - 2019-09-19 09:07 - 000171568 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2019-12-24 13:02 - 2019-06-07 14:09 - 000050728 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avdevprot.sys
2019-12-24 13:02 - 2019-03-20 18:50 - 000060360 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2019-12-24 13:02 - 2019-03-20 18:50 - 000036688 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2019-12-24 12:54 - 2019-12-24 12:56 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2019-12-24 12:46 - 2019-12-24 12:46 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-12-24 12:45 - 2019-12-24 12:45 - 000003664 _____ C:\windows\system32\Tasks\AviraSystemSpeedupUpdate
2019-12-24 12:39 - 2019-12-24 12:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Mozilla
2019-12-24 12:38 - 2019-12-24 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-12-24 12:38 - 2019-12-24 12:57 - 000000000 ____D C:\Program Files\Avira
2019-12-24 12:38 - 2019-12-24 12:38 - 000001146 _____ C:\Users\Public\Desktop\Avira.lnk
2019-12-24 12:38 - 2019-12-24 12:38 - 000001146 _____ C:\ProgramData\Desktop\Avira.lnk
2019-12-24 12:37 - 2019-12-24 12:57 - 000000000 ____D C:\ProgramData\Avira
2019-12-24 12:37 - 2019-12-24 12:37 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-21 21:48 - 2019-12-21 21:48 - 000143208 _____ C:\windows\Minidump\122119-64241-01.dmp
2019-12-21 21:42 - 2019-12-21 21:48 - 000000000 ____D C:\windows\Minidump
2019-12-21 21:42 - 2019-12-21 21:42 - 000143208 _____ C:\windows\Minidump\122119-55349-01.dmp
2019-12-21 21:08 - 2019-12-21 21:16 - 000026598 _____ C:\Users\maja\Desktop\Addition.txt
2019-12-21 20:53 - 2019-12-28 22:38 - 000025260 _____ C:\Users\maja\Desktop\FRST.txt
2019-12-21 20:51 - 2019-12-28 22:35 - 000000000 ____D C:\FRST
2019-12-21 19:57 - 2019-12-28 22:28 - 002000896 _____ (Farbar) C:\Users\maja\Desktop\FRST.exe
2019-12-11 20:19 - 2019-12-11 20:21 - 000000000 ____D C:\windows\rescache
2019-12-11 13:28 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-12-11 13:22 - 2019-12-06 02:40 - 000472064 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2019-12-11 13:22 - 2019-11-28 04:33 - 000069048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-11 13:22 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000138192 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:22 - 2019-11-28 04:31 - 001316424 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-11 13:22 - 2019-11-28 04:29 - 000307200 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-11 13:22 - 2019-11-28 04:02 - 002407424 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-11 13:22 - 2019-11-26 21:22 - 000532192 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-12-11 13:22 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-11 13:22 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-11 13:22 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-11 13:22 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-11 13:22 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-11 13:22 - 2019-11-19 08:43 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:22 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-11 13:22 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-11 13:22 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-11 13:22 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-11 13:22 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-11 13:22 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-11 13:22 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-11 13:22 - 2019-11-15 03:13 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:22 - 2019-11-15 03:13 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:22 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2019-12-11 13:22 - 2019-11-15 02:55 - 000258048 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2019-12-11 13:22 - 2019-11-05 22:27 - 000137144 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-11 13:22 - 2019-10-26 01:17 - 001465344 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000812544 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000171008 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-11 13:21 - 2019-11-28 04:04 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-11 13:21 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-11 13:21 - 2019-11-28 04:02 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-11 13:21 - 2019-11-28 03:59 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000314880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:21 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-11 13:21 - 2019-11-19 09:11 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-11 13:21 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-11 13:21 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-11 13:21 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-11 13:21 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-11 13:21 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-11 13:21 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-11 13:21 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-11 13:21 - 2019-11-19 08:49 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-11 13:21 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-11 13:21 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-11 13:21 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:21 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-11 13:21 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-11 13:21 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-11 13:21 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-11 13:21 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-11 13:21 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-12-11 13:21 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2019-12-04 13:25 - 2019-12-04 13:25 - 000031032 _____ (The OpenVPN Project) C:\windows\system32\Drivers\phantomtap.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-28 22:23 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-28 22:23 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-28 22:08 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-12-27 22:52 - 2017-09-28 17:23 - 000001187 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-12-27 22:52 - 2017-09-28 17:23 - 000001187 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2019-12-27 22:52 - 2017-09-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-27 22:25 - 2012-01-05 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-12-27 22:25 - 2012-01-05 20:53 - 000000000 ____D C:\Program Files\Asus
2019-12-27 21:33 - 2012-01-05 20:56 - 000000000 ____D C:\windows\system32\Macromed
2019-12-27 21:24 - 2009-07-14 05:33 - 000357888 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-24 13:06 - 2012-06-18 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-24 13:06 - 2012-06-18 18:39 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-24 13:06 - 2012-06-18 18:39 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-24 12:51 - 2012-06-18 18:15 - 000088256 _____ C:\Users\maja\AppData\Local\GDIPFONTCACHEV1.DAT
2019-12-24 12:49 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-12-24 11:56 - 2019-05-11 13:40 - 000000000 ____D C:\Users\maja\AppData\Local\Spotify
2019-12-24 11:36 - 2019-05-11 13:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Spotify
2019-12-21 21:47 - 2013-07-22 20:40 - 424082409 _____ C:\windows\MEMORY.DMP
2019-12-18 21:13 - 2018-01-09 20:44 - 000004174 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-12-18 09:31 - 2011-02-16 18:02 - 000693138 _____ C:\windows\system32\perfh005.dat
2019-12-18 09:31 - 2011-02-16 18:02 - 000149892 _____ C:\windows\system32\perfc005.dat
2019-12-18 09:31 - 2009-07-27 11:11 - 001641976 _____ C:\windows\system32\PerfStringBackup.INI
2019-12-14 00:32 - 2012-06-18 18:38 - 000003376 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 00:32 - 2012-06-18 18:38 - 000003248 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 17:06 - 2013-09-18 14:21 - 000000000 ____D C:\windows\system32\MRT
2019-12-11 16:49 - 2012-06-19 20:53 - 126061744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-12-02 20:37 - 2009-07-14 05:53 - 000032584 _____ C:\windows\Tasks\SCHEDLGU.TXT
2019-12-01 11:04 - 2012-06-18 18:37 - 000000000 ____D C:\Program Files\Google
2019-11-29 00:45 - 2019-07-28 11:03 - 000000000 ____D C:\Users\maja\AppData\Roaming\vlc
==================== Files in the root of some directories ========
2012-07-13 20:47 - 2012-08-01 18:15 - 000004608 _____ () C:\Users\maja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-24 14:02
==================== End of FRST.txt ========================
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
A ještě bych Vás rád požádal radu, jak odstranit avast antivirus, nikterak se mi to nedaří. Chci ho odstranit, protože jsem přešel na antivirus AVIRA. Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
K odinstalaci Avastu použijte uninstaler od výrobce: https://www.avast.com/cs-cz/uninstall-utility .
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
EmptyTemp:
End
K odinstalaci Avastu použijte uninstaler od výrobce: https://www.avast.com/cs-cz/uninstall-utility .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
Dobrý den, provedeno, zde je log. K té odinstalaci: nedaří se mi to,není jiná varianta? děkuji.
Fix result of Farbar Recovery Scan Tool (x86) Version: 28-12-2019
Ran by maja (29-12-2019 15:28:01) Run:1
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d976b0aa-b975-11e1-9f16-c86000283925} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF3F392-A911-4BAF-8020-B4E549587B66}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF3F392-A911-4BAF-8020-B4E549587B66}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{803560C3-6BA7-4816-B0FF-C208273EB071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{803560C3-6BA7-4816-B0FF-C208273EB071}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\CloudStation.SyncFolderContextMenu => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237} => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75948563 B
Java, Flash, Steam htmlcache => 2755 B
Windows/system/drivers => 2364626204 B
Edge => 0 B
Chrome => 97352625 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 526290 B
Public => 526290 B
ProgramData => 526290 B
systemprofile => 51026658 B
LocalService => 51026658 B
NetworkService => 51163658 B
maja => 3010263811 B
RecycleBin => 0 B
EmptyTemp: => 5.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:34:06 ====
Fix result of Farbar Recovery Scan Tool (x86) Version: 28-12-2019
Ran by maja (29-12-2019 15:28:01) Run:1
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d976b0aa-b975-11e1-9f16-c86000283925} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF3F392-A911-4BAF-8020-B4E549587B66}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF3F392-A911-4BAF-8020-B4E549587B66}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{803560C3-6BA7-4816-B0FF-C208273EB071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{803560C3-6BA7-4816-B0FF-C208273EB071}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\CloudStation.SyncFolderContextMenu => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237} => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75948563 B
Java, Flash, Steam htmlcache => 2755 B
Windows/system/drivers => 2364626204 B
Edge => 0 B
Chrome => 97352625 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 526290 B
Public => 526290 B
ProgramData => 526290 B
systemprofile => 51026658 B
LocalService => 51026658 B
NetworkService => 51163658 B
maja => 3010263811 B
RecycleBin => 0 B
EmptyTemp: => 5.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:34:06 ====
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu logu
Smazáno, log již bude zřejmě čistý. Ta hláška vyskakuje i po požití odinstalátoru?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
Super. Děkuji za všechny opravy. Co tam nakonec bylo?
K obrázku: vyskakuje to právě s uninstalleru od avastu. Bez něho vůbec v ovládacích panelech kde se odebírají programy nelze najít!!!!
Děkuji za radu.
K obrázku: vyskakuje to právě s uninstalleru od avastu. Bez něho vůbec v ovládacích panelech kde se odebírají programy nelze najít!!!!
Děkuji za radu.
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu logu
AdWare OpenCandy a nějaké zbytečnosti. Zkuste ten uninstaller spustit v nouz. režimu. Tohle jsem neviděl.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o preventivní kontrolu logu
Dobrý den, tak ani v nouzovém režimu se to nepodařilo a znovu naskočilo stejné okno. Jsem zoufalý, protože avast si žádá aktualizace a prodloužení účtu a nejde s tím nic dělat. Takže je to bludný kruh. Bylo by zapotřebí ho násilně odebrat, neexistuje nějaká cesta? Děkuji moc za radu.
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu logu
Potom je instalace Avastu poškozena zřejmě natolik, že s ní nehne ani jejich odinstalátor. Budete se muset obrátit sem: https://forum.avast.com/index.php?board=30.0 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?