Kontrola logu - pomalé NTB Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

macwix
Level 1
Level 1
Příspěvky: 57
Registrován: listopad 10
Pohlaví: Muž

Kontrola logu - pomalé NTB

Příspěvekod macwix » 03 bře 2019 16:09

Ahoj,
prosím o kontrolu logu, mám velice zpomalený notebook.
Děkuji moc.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:05:07, on 3. 3. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)

FIREFOX: 65.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Users\mamka Blanka\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [ACSW21EN] "C:\Program Files (x86)\ACD Systems\ACDSee\21.0\acdIDInTouch2.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [AVGUI.exe] "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ACDSeeCommander20] C:\Program Files (x86)\ACD Systems\ACDSee\20.0\ACDSeeCommander20.exe
O4 - HKCU\..\Run: [ACDSeeCommanderStd20] C:\Program Files (x86)\ACD Systems\ACDSee\21.0\ACDSeeCommander21.exe
O4 - HKCU\..\Run: [ACDSeeCommander21] C:\Program Files (x86)\ACD Systems\ACDSee\21.0\ACDSeeCommander21.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: Download linked video with MP4 Downloader - res://C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_IE.dll/301
O8 - Extra context menu item: Download video with MP4 Downloader - res://C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_IE.dll/300
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Download Video - {7EB7296C-BEA5-444A-AAAA-1DF97CA6CB6E} - res://C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video with MP4 Downloader - {7EB7296C-BEA5-444A-AAAA-1DF97CA6CB6E} - res://C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_IE.dll/300 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} (AMCCtrl Class) - http://10.0.0.254/AVC_AX_742.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Technology Access Software Asset Manager (Intel(R) TA SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Technology Access Legacy CS Loader (Intel(R) TechnologyAccessLegacyCSLoader) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12322 bytes



Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39523
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu - pomalé NTB

Příspěvekod jaro3 » 03 bře 2019 19:32

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Diallix
Level 2
Level 2
Příspěvky: 166
Registrován: říjen 08
Pohlaví: Nespecifikováno

Re: Kontrola logu - pomalé NTB

Příspěvekod Diallix » 03 bře 2019 21:58

Dobry den.

Po vykonani horeuvedenych postupov, prosim, urobte este nasledovne:


- Stiahnite nastroj FRST, 32/64 bitovy, podla vasho systemu odtialto: https://www.bleepingcomputer.com/downlo ... scan-tool/
- Ulozte program FRST na plochu.
- Spustite program FRST a v okne Whitelist oznacte chlieviky Registry, Services, Drivers, Processes, Internet a v okne Optional Scan oznacte Addition.txt.
- Pokracujte tlacidlom Scan.
- Zacne sken, ktory moze trvat istu chvilu.
- Po skene sem vlozte logy: FRST + ADDITION
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu:CyberSecurity UNIT
----
Bezpečnostná autorita fóra viry.cz Certifikát
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

macwix
Level 1
Level 1
Příspěvky: 57
Registrován: listopad 10
Pohlaví: Muž

Re: Kontrola logu - pomalé NTB

Příspěvekod macwix » 11 bře 2019 13:10

Ahoj oběma,
posílám výsledky.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-11-2019
# Duration: 00:00:08
# OS: Windows 8.1 Connected
# Cleaned: 7
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\mamka Blanka\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\Users\mamka Blanka\Favorites\Booking.com.url
Deleted C:\Users\mamka Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\7vu01vy5.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
Deleted HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted mysearch.avg.com
Not Deleted mysearch.avg.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1805 octets] - [11/03/2019 12:06:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.03.19
Čas skenování: 12:23
Logovací soubor: 0c283950-43f0-11e9-972b-0250f224e78d.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.538
Aktualizovat verzi balíku komponent: 1.0.9630
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: BLANKA\mamka Blanka

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 259733
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 15 min, 44 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.03.2019 01
Ran by mamka Blanka (administrator) on BLANKA (11-03-2019 12:47:47)
Running from C:\Users\mamka Blanka\Desktop
Loaded Profiles: mamka Blanka (Available Profiles: mamka Blanka)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Failed to access process -> MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelper.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\Common Files\AVG\Overseer\overseer.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [307632 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90368 2014-11-20] (Acer Incorporated -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [ACSW21EN] => C:\Program Files (x86)\ACD Systems\ACDSee\21.0\acdIDInTouch2.exe [1854416 2017-10-11] (ACD Systems International Inc. -> ACD Systems)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [307632 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\Run: [ACDSeeCommander20] => C:\Program Files (x86)\ACD Systems\ACDSee\20.0\ACDSeeCommander20.exe
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\Run: [ACDSeeCommanderStd20] => C:\Program Files (x86)\ACD Systems\ACDSee\21.0\ACDSeeCommander21.exe [4814800 2017-12-01] (ACD Systems International Inc. -> )
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\Run: [ACDSeeCommander21] => C:\Program Files (x86)\ACD Systems\ACDSee\21.0\ACDSeeCommander21.exe [4814800 2017-12-01] (ACD Systems International Inc. -> )
HKLM\...\Drivers32: [VIDC.WMV3] => C:\Windows\SysWOW64\wmv9vcm.dll [1415680 2003-06-23] (Microsoft Corporation) [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\mamka Blanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-07-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{65BEBC96-D1BB-4AE8-8BEA-29862AC45D8D}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{874834F2-512C-43D4-BFBD-C6B0A248A91B}: [DhcpNameServer] 81.25.16.250 81.25.28.250

Internet Explorer:
==================
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> {58F5E6E3-D497-4491-92CD-40AB21FE63A5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-02] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {971FC730-55F1-461F-83FD-B3BF5E1F039E} hxxp://10.0.0.254/AVC_AX_742.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 7vu01vy5.default
FF ProfilePath: C:\Users\mamka Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\7vu01vy5.default [2019-03-11]
FF NewTab: Mozilla\Firefox\Profiles\7vu01vy5.default -> about:newtab
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi [2016-07-26] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default [2019-03-03]
CHR Extension: (Prezentace) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-18]
CHR Extension: (Dokumenty) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-24]
CHR Extension: (Disk Google) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-24]
CHR Extension: (YouTube) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-18]
CHR Extension: (Gmail) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\mamka Blanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [357360 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6807360 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated -> Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporated -> Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-04-28] (Acer Incorporated -> Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-04-28] (Acer Incorporated -> Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-08-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37368 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205656 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [226448 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [196848 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgblog.sys [320960 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [58008 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42552 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [167560 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112568 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [88208 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1034184 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [474712 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [217040 2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380208 2019-03-11] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 BrSerIb; C:\Windows\system32\DRIVERS\BrSerIb.sys [95344 2012-07-31] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\Windows\system32\DRIVERS\BrUsbSIb.sys [21872 2012-06-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3729920 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-03-11] (Malwarebytes Corporation -> Malwarebytes)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel(R) Technology Access -> Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel(R) Technology Access -> Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [237400 2014-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-08-15] (Microsoft Windows -> Microsoft Corporation)
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-11 12:47 - 2019-03-11 12:50 - 000024339 _____ C:\Users\mamka Blanka\Desktop\FRST.txt
2019-03-11 12:47 - 2019-03-11 12:47 - 000000000 ____D C:\FRST
2019-03-11 12:45 - 2019-03-11 12:45 - 002434560 _____ (Farbar) C:\Users\mamka Blanka\Desktop\FRST64.exe
2019-03-11 12:39 - 2019-03-11 12:39 - 000001656 _____ C:\Users\mamka Blanka\Desktop\malware.txt
2019-03-11 12:22 - 2019-03-11 12:22 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-03-11 12:22 - 2019-03-11 12:22 - 000000000 ____D C:\Users\mamka Blanka\AppData\Local\mbamtray
2019-03-11 12:22 - 2019-03-11 12:22 - 000000000 ____D C:\Users\mamka Blanka\AppData\Local\mbam
2019-03-11 12:21 - 2019-03-11 12:21 - 000001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-11 12:21 - 2019-03-11 12:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-11 12:21 - 2019-03-11 12:21 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-11 12:21 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-11 12:12 - 2019-03-11 12:12 - 000001821 _____ C:\Users\mamka Blanka\Desktop\AdwCleaner[C00].txt
2019-03-11 12:04 - 2019-03-11 12:08 - 000000000 ____D C:\AdwCleaner
2019-03-11 11:59 - 2019-03-11 12:00 - 007316688 _____ (Malwarebytes) C:\Users\mamka Blanka\Desktop\AdwCleaner.exe
2019-03-11 11:39 - 2019-03-11 11:40 - 000448512 _____ (OldTimer Tools) C:\Users\mamka Blanka\Desktop\TFC.exe
2019-03-11 11:29 - 2019-03-11 11:29 - 000050688 _____ (Atribune.org) C:\Users\mamka Blanka\Downloads\ATF-Cleaner.exe
2019-03-09 15:42 - 2019-03-09 15:42 - 000120626 _____ C:\Users\mamka Blanka\Downloads\Dokument bez názvu(1).pdf
2019-03-09 07:57 - 2019-03-09 07:57 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-09 07:57 - 2019-03-09 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-03 16:02 - 2019-03-03 16:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\mamka Blanka\Desktop\HijackThis.exe
2019-02-22 19:48 - 2019-02-22 21:36 - 1151542731 _____ C:\Users\mamka Blanka\Downloads\Spion, ktery mi dal kopacky 2018 CZ Dabing.mp4
2019-02-20 16:27 - 2019-02-20 16:27 - 002174798 _____ C:\Users\mamka Blanka\Downloads\017.BMP
2019-02-19 16:47 - 2019-02-19 16:47 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-02-17 18:58 - 2019-02-17 21:45 - 1510562788 _____ C:\Users\mamka Blanka\Downloads\Přání smrti 2018 (CZ dabing).mp4
2019-02-16 09:54 - 2019-02-16 11:53 - 1312372017 _____ C:\Users\mamka Blanka\Downloads\Upgrade 2018 CZ Dabing.mp4
2019-02-10 11:11 - 2019-02-10 11:11 - 000001222 _____ C:\Users\mamka Blanka\Desktop\Scan data z tiskárny.lnk
2019-02-10 10:22 - 2019-02-10 10:22 - 000083074 _____ C:\Users\mamka Blanka\Downloads\Predavaci_protokol.pdf
2019-02-10 10:22 - 2019-02-10 10:22 - 000077229 _____ C:\Users\mamka Blanka\Downloads\Cestne_prohlaseni.pdf
2019-02-10 10:21 - 2019-02-10 10:21 - 000070074 _____ C:\Users\mamka Blanka\Downloads\Plna_moc_CEZ_distribuce.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-11 12:47 - 2016-11-18 07:33 - 000000000 ____D C:\Users\mamka Blanka\AppData\LocalLow\Mozilla
2019-03-11 12:45 - 2015-12-15 07:37 - 006052352 ___SH C:\Users\mamka Blanka\Downloads\Thumbs.db
2019-03-11 12:22 - 2015-07-29 11:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-11 12:15 - 2014-12-09 18:19 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4014956357-3707534637-2810121870-1001
2019-03-11 12:11 - 2015-04-27 14:38 - 000000000 __RDO C:\Users\mamka Blanka\OneDrive
2019-03-11 12:09 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-11 12:09 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-03-11 11:55 - 2015-01-24 13:57 - 007411200 ___SH C:\Users\mamka Blanka\Desktop\Thumbs.db
2019-03-11 11:33 - 2016-08-19 09:48 - 000000000 ____D C:\Users\mamka Blanka\AppData\Local\ACD Systems
2019-03-11 11:02 - 2016-10-14 06:54 - 000000000 ____D C:\Users\mamka Blanka\Desktop\Mp3
2019-03-11 08:35 - 2017-04-23 06:45 - 000380208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-03-10 21:23 - 2017-07-26 08:30 - 000003182 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4014956357-3707534637-2810121870-1001
2019-03-10 21:22 - 2017-01-26 09:50 - 000002387 _____ C:\Users\mamka Blanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-03-09 23:48 - 2014-12-09 18:12 - 000000000 ____D C:\Users\mamka Blanka
2019-03-09 15:45 - 2017-02-02 20:07 - 000000000 ____D C:\Users\mamka Blanka\Desktop\NvN
2019-03-09 12:54 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-03-09 08:09 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-09 08:05 - 2016-11-17 21:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-09 08:05 - 2014-12-26 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-09 07:54 - 2014-08-15 16:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-07 08:23 - 2018-04-18 07:28 - 000002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-07 08:23 - 2018-04-18 07:28 - 000002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-05 16:55 - 2018-09-13 08:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-03-05 16:55 - 2017-12-21 11:14 - 000003386 _____ C:\Windows\System32\Tasks\{F2437D35-B638-4C65-97A1-0B1AA94624A1}
2019-03-05 16:55 - 2015-03-31 13:13 - 000003094 _____ C:\Windows\System32\Tasks\{9BF22518-26A5-42C6-950B-8F778881B9DF}
2019-03-05 16:55 - 2015-03-10 12:59 - 000003086 _____ C:\Windows\System32\Tasks\{41C49F0C-EC94-400A-AB14-4727A9746D32}
2019-03-05 16:55 - 2015-01-23 13:05 - 000003116 _____ C:\Windows\System32\Tasks\{7FC763E8-3D48-495A-BF6F-4FABA3858CC4}
2019-03-05 16:55 - 2014-08-15 16:26 - 000003268 _____ C:\Windows\System32\Tasks\UbtFrameworkService
2019-03-05 16:54 - 2018-04-18 07:27 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-05 16:54 - 2018-04-18 07:27 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-05 16:54 - 2018-03-13 13:51 - 000004538 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-05 16:54 - 2017-10-20 09:17 - 000003228 _____ C:\Windows\System32\Tasks\klcp_update
2019-03-05 16:54 - 2017-09-23 16:27 - 000003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2019-03-05 16:54 - 2017-04-23 06:46 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2019-03-05 16:54 - 2017-01-08 18:00 - 000003512 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-blanka.bejrova@seznam.cz
2019-03-05 16:54 - 2016-05-06 06:38 - 000003442 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2019-03-05 16:54 - 2015-09-11 10:38 - 000003746 _____ C:\Windows\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d
2019-03-05 16:54 - 2015-09-11 10:38 - 000003500 _____ C:\Windows\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon
2019-03-05 16:54 - 2015-04-18 12:19 - 000004372 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-05 16:54 - 2015-02-28 08:37 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-03-05 16:54 - 2015-02-28 08:37 - 000003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2019-03-05 16:54 - 2014-08-15 16:34 - 000003336 _____ C:\Windows\System32\Tasks\AcerCloud
2019-03-05 16:54 - 2014-08-15 16:21 - 000003016 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2019-03-05 16:54 - 2014-08-15 16:21 - 000002896 _____ C:\Windows\System32\Tasks\Quick Access
2019-03-05 16:54 - 2014-08-15 16:17 - 000002930 _____ C:\Windows\System32\Tasks\Power Management
2019-03-05 16:54 - 2014-08-15 16:14 - 000002904 _____ C:\Windows\System32\Tasks\Launch Manager
2019-03-05 16:54 - 2014-08-15 15:13 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4014956357-3707534637-2810121870-500
2019-03-05 16:54 - 2014-06-03 11:21 - 000004402 _____ C:\Windows\System32\Tasks\ALUAgent
2019-03-05 16:54 - 2014-06-03 11:21 - 000003628 _____ C:\Windows\System32\Tasks\ALU
2019-03-05 09:54 - 2017-10-17 08:25 - 000000000 ____D C:\Users\mamka Blanka\AppData\Roaming\Tomabo
2019-03-02 20:31 - 2017-03-19 18:44 - 000000000 ____D C:\Users\mamka Blanka\Desktop\tomas
2019-03-02 20:29 - 2014-12-09 18:13 - 000000000 ____D C:\Users\mamka Blanka\AppData\Local\Packages
2019-03-02 20:28 - 2018-06-26 18:47 - 000000000 ____D C:\Users\mamka Blanka\Desktop\Domácnost
2019-03-02 20:26 - 2017-02-02 20:08 - 000000000 ____D C:\Users\mamka Blanka\Desktop\RD
2019-03-02 20:25 - 2018-04-01 10:57 - 000000000 ____D C:\Users\mamka Blanka\Desktop\Build
2019-03-02 20:25 - 2016-10-30 19:51 - 000000000 ____D C:\Users\mamka Blanka\Desktop\Obchod
2019-03-02 20:22 - 2017-02-02 20:05 - 000000000 ____D C:\Users\mamka Blanka\Desktop\Energie
2019-03-01 18:33 - 2014-12-26 17:27 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-22 17:16 - 2016-07-11 16:04 - 000191488 ___SH C:\Users\mamka Blanka\Documents\Thumbs.db
2019-02-19 16:49 - 2017-04-23 06:45 - 000474712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-02-19 16:47 - 2019-01-20 19:58 - 000226448 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-02-19 16:47 - 2019-01-19 10:07 - 000320960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblog.sys
2019-02-19 16:47 - 2019-01-19 10:07 - 000196848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-02-19 16:47 - 2019-01-19 10:07 - 000058008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-02-19 16:47 - 2019-01-19 10:07 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2019-02-19 16:47 - 2018-10-24 09:39 - 000042552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-02-19 16:47 - 2017-11-28 15:51 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-02-19 16:47 - 2017-04-23 06:45 - 001034184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-02-19 16:47 - 2017-04-23 06:45 - 000217040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-02-19 16:47 - 2017-04-23 06:45 - 000167560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-02-19 16:47 - 2017-04-23 06:45 - 000112568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-02-19 16:47 - 2017-04-23 06:45 - 000088208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-02-13 11:21 - 2017-08-03 14:30 - 000000000 _____ C:\Windows\system32\last.dump
2019-02-12 09:35 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-12 09:35 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2017-02-05 11:44 - 2017-02-05 11:50 - 000000132 _____ () C:\Users\mamka Blanka\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-10-20 09:18 - 2017-12-30 11:28 - 000003584 _____ () C:\Users\mamka Blanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-06 15:19 - 2018-04-06 15:19 - 000005324 _____ () C:\Users\mamka Blanka\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-09 21:06

==================== End of FRST.txt ============================

macwix
Level 1
Level 1
Příspěvky: 57
Registrován: listopad 10
Pohlaví: Muž

Re: Kontrola logu - pomalé NTB

Příspěvekod macwix » 11 bře 2019 13:12


Additional
scan result of Farbar Recovery Scan Tool (x64) Version: 09.03.2019 01
Ran by mamka Blanka (11-03-2019 12:51:28)
Running from C:\Users\mamka Blanka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-12-09 17:11:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4014956357-3707534637-2810121870-500 - Administrator - Disabled)
Guest (S-1-5-21-4014956357-3707534637-2810121870-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4014956357-3707534637-2810121870-1003 - Limited - Enabled)
mamka Blanka (S-1-5-21-4014956357-3707534637-2810121870-1001 - Administrator - Enabled) => C:\Users\mamka Blanka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2001.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
ACDSee Photo Studio Standard 2018 (HKLM\...\{A1E4FA4A-2B1F-453F-820D-3268632A8434}) (Version: 21.1.0.791 - ACD Systems International Inc.)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3014.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AGEIA PhysX v7.11.13 (HKLM-x32\...\{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}) (Version: 7.11.13 - AGEIA Technologies, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.2.3079 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J5910DW (HKLM-x32\...\{830F55B6-4398-4B72-A0D8-66397B902C0E}) (Version: 1.1.1.0 - Brother Industries, Ltd.)
Data_Manager (HKLM-x32\...\{73D7ED85-C875-11D9-8904-000C76EFEA2C}) (Version: 1.00.0000 - NOVUM)
Duke Nukem 3D Twentieth Anniversary World Tour (HKLM-x32\...\Duke Nukem 3D Twentieth Anniversary World Tour_is1) (Version: - )
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.5 - CEWE Stiftung u Co. KGaA)
GoldWave v6.24 (HKLM\...\GoldWave v6.24) (Version: 6.24 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{810dff4d-564d-47da-b8bc-a3729815aab7}) (Version: 1.9.1.1008 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (HKLM-x32\...\{C1C74874-4E6F-49B8-BBCD-D43E277D8D28}) (Version: 3.4.1942 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
K-Lite Codec Pack 13.6.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.0 - KLCP)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Machinarium (HKLM-x32\...\Machinarium) (Version: CZ/14.02.2010 - Amanita Design, s.r.o.)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Mercedes-Benz Truck Racing (HKLM-x32\...\Mercedes-Benz Truck Racing) (Version: - )
Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version: - )
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20146 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - )
Mozilla Firefox 65.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 65.0.2 (x86 cs)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
MP4 Converter 3 (HKLM-x32\...\MP4 Converter_is1) (Version: - Tomabo)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Operation Flashpoint uninstall (HKLM-x32\...\Operation Flashpoint) (Version: - )
Polda II (HKLM-x32\...\Polda II_is1) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\mamka Blanka\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F51471-BF82-42B4-9F11-32C5B4EDA753} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe (Acer Incorporated -> Acer Incorporate)
Task: {0FB49DA0-F312-4039-8D90-9A08ABDE8823} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {161305AA-AEC9-4004-8CD6-90DC7D595127} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {1DFF96C6-EF76-42AD-A2AE-61A6E8BAB5F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {346FBF2D-9036-414A-9320-11178EE35162} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation)
Task: {3C031726-176B-4DEC-89A8-8918E609837B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe (Acer Incorporated -> Acer Incorporated)
Task: {3FE9453C-33D0-47CC-A5ED-D07962551EE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {43B56D30-1933-4547-8247-CA0FCB081C66} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe (Acer Incorporated -> Acer Incorporated)
Task: {4968707D-551D-4AEE-A01E-1987C26CD438} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4ADDD265-87E6-4DC8-9DC2-090EAB46B2C7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4B73B177-0F35-4FEC-95B2-8B326CE4A51C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {552B0003-CEB3-4E7D-AE6C-CE54FAC5F66B} - System32\Tasks\{41C49F0C-EC94-400A-AB14-4727A9746D32} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d C:\Games\Mafia
Task: {57F3385A-75F6-4DE7-9D1D-A669B5556CC7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7614FB99-041A-444D-97EE-C7EBFF675EE6} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated)
Task: {77E1D2EC-F88B-4EE7-B433-C99E8D608DBB} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-blanka.bejrova@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8145EA94-6EEF-48BB-99B6-88E89E859BAB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel(R) Update Manager -> Intel Corporation)
Task: {8FDF0366-8DBC-4F6D-A0BA-172E59001C2E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe (Acer Incorporated -> Acer Incorporated)
Task: {99228687-A687-4CF7-A1AF-A25B7EC39B59} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporate)
Task: {A02AD9B0-A6AB-4346-9C9B-F9EBFB27F031} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation)
Task: {A598537F-2329-486E-B656-8D903C94025B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel(R) Update Manager -> Intel Corporation)
Task: {A9E0F4CF-025E-4F5B-AF42-5C8D4AA5DA5F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () [File not signed]
Task: {AB16530A-D5C3-4C99-B441-62F323C19B75} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {AC790962-B0D3-4B61-83A8-C7C54189833D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B05D941D-0A08-417F-A47B-F7F83F172614} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe (Acer Incorporated -> )
Task: {B1931396-0000-4057-9EF5-4D22F0577A45} - System32\Tasks\{9BF22518-26A5-42C6-950B-8F778881B9DF} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\MafiaCon.exe -d C:\Games\Mafia
Task: {BFACF73C-8D57-4CC0-96A1-9BA73E8C56DC} - System32\Tasks\{F2437D35-B638-4C65-97A1-0B1AA94624A1} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Task: {C1CC5470-D1B0-48DD-84EA-F0C61E4A5381} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe (Acer Incorporated -> TODO: <Company name>)
Task: {C79F8756-D0A7-4EAE-BC9F-38F24E4C761C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D74603A2-685D-43D2-8FC2-410A46D746E8} - System32\Tasks\{7FC763E8-3D48-495A-BF6F-4FABA3858CC4} => C:\Windows\system32\pcalua.exe -a C:\Games\Resurrection\fores.exe -d C:\Games\Resurrection
Task: {DCABAF57-8683-46C2-91C1-C126617AB9B6} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {DF560C6B-60D9-4807-9405-647CA39072F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E5346F80-E237-4045-94B1-F7E147FFB8B0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {E5EC29AA-5C20-4F94-B7FA-D3919FD613EF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F0B132C0-EA59-48BD-A605-E08B4F2CDDDE} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe (Acer Incorporated -> )
Task: {F2C28BD5-EA0A-4F52-9E05-5E6520E915F1} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporate)
Task: {FCE5AF0F-B604-4AC7-93A4-5AF4738E0C26} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\mamka Blanka\Desktop\ÚČTO 2015 DOSBOX.LNK -> C:\UCTO2015\U8.BAT ()

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarg ... -pos=Metro

==================== Loaded Modules (Whitelisted) ==============

2014-02-26 06:17 - 2014-02-26 06:17 - 000319104 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
2013-07-02 04:08 - 2013-07-02 04:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2015-02-08 10:53 - 2015-02-08 10:53 - 000501248 _____ (iMatix Corporation) [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\libzmq-v120-mt-3_2_4.dll
2015-07-07 10:44 - 2015-07-07 10:44 - 000088064 _____ () [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-02-08 11:20 - 2015-02-08 11:20 - 000111840 _____ (Intel(R) Technology Access -> NT Kernel Resources) [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\ndisapi.dll
2018-06-11 11:37 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2018-06-11 11:37 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2017-10-17 08:24 - 2015-07-21 13:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll
2017-10-17 08:24 - 2015-07-21 13:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
2014-02-26 06:17 - 2014-02-26 06:17 - 000134784 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
2014-02-26 06:18 - 2014-02-26 06:18 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-02-26 06:09 - 2014-02-26 06:09 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-02-26 06:12 - 2014-02-26 06:12 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.DLL
2014-02-26 06:18 - 2014-02-26 06:18 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
2014-02-26 06:12 - 2014-02-26 06:12 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-02-26 06:18 - 2014-02-26 06:18 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutlookLib.dll
2014-02-26 06:12 - 2014-02-26 06:12 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-02-26 06:13 - 2014-02-26 06:13 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2014-02-26 06:12 - 2014-02-26 06:12 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll
2014-02-26 06:17 - 2014-02-26 06:17 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2018-06-11 14:09 - 2012-06-06 14:31 - 003076096 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2018-06-11 14:09 - 2012-06-05 14:56 - 000266240 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2018-06-11 14:08 - 2009-02-27 15:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-06-11 14:09 - 2012-01-11 13:39 - 000626688 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-06-11 14:09 - 2011-02-28 10:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2018-06-11 14:09 - 2012-04-23 14:03 - 000380928 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-06-11 14:09 - 2010-09-29 16:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-11 12:21 - 2019-02-01 10:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-11 12:21 - 2019-02-01 10:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2017-01-26 09:36 - 2017-01-26 09:36 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\AppVIsvSubsystems32.dll
2017-01-26 09:36 - 2017-01-26 09:36 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\c2r32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-12-04 09:42 - 000000753 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "ACSW21EN"
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\StartupApproved\Run: => "ACDSeeCommanderStd20"
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\...\StartupApproved\Run: => "ACDSeeCommander21"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80A01594-CD1A-4241-9429-E0C6A9B903BB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AAC8262B-110B-4178-904D-063C1864B1E2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{26A8B188-7D33-42A0-A9F5-6A58617F021D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9AE6366-D060-48A6-BAF4-B835CD2583E9}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87ED9ACD-B8CB-4A45-B687-B003F3C789F3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C36CBF0-5C5B-4D74-93E1-D2E6F848C61B}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF6513B0-270B-4F84-8FBE-4943356EEEBE}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{1A39100C-CEB1-4D46-A3F2-A71A6C335C44}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{B3482CEE-2856-4413-8D8C-1C70109EA854}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{C3ED90F2-9B5B-4864-B616-99EC58D8D519}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{E7A74308-66A3-4618-A81C-DBF8A6E3124B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{849B5404-77D7-4D6E-8266-4779638E3DFB}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{1FDCC36B-4625-4C52-B41A-CF6EB2CFC646}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{D51200AA-2C3D-4DF7-8E6F-05D80CF2C647}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{2DF4A98D-AB4A-4041-902D-8F6C2AA2A7C3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{8A6A284C-E22F-4E72-84B1-BCCE122CF36E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{F4411469-584D-44A9-B151-B24B8D1037A3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{613C49D7-E2F9-49C8-A1CE-7300CE624112}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{0F4E318C-D9BF-4138-AF98-1FE75B83064A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{160D2C97-1908-4D20-B61E-BC3282D4C601}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe No File
FirewallRules: [{193D9620-2F29-41C9-8F5A-27CFDBB94718}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{4F0EFD9F-6A5E-47CA-977D-45B95AD117D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{15264802-7510-4528-B3C8-FD71E9B2062E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{49AAEA00-0B94-48C8-B71C-66EB5BD0470D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{38FFBBF7-38BF-4FA3-A11F-AEE044CB42BB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{B43F5BAE-EF41-4166-9F2C-3E9E42C2105B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{F789B320-A7FD-480C-95D4-BB10B7EBB310}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ACED7A65-CA92-424D-8814-820FDD5A3E9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{172BC1CF-C54B-4410-A3CA-95EA4F239A6B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E2091434-CB70-47E5-9D27-2FC2D7BF7ABE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F94540B8-4BCC-4B38-9139-D191E0C0CA92}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{10AF825F-528C-41BE-9353-409B2ACC85D7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{533F0738-4F4E-4A90-BF4B-EB6857AE3EFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{65E73C0C-5D65-4AC2-B473-77DE61499655}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F49528FC-4DA8-4155-B836-1829DBCD0C5F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F5F6F43-40D8-4E4E-B0B8-3EEEEDC2BB84}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{82071B6B-BE20-4BAB-B66E-80CEA44B2E57}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{EB5F6A0F-D697-40C7-96F7-85B7C4FCEA72}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [{21B7E631-D2E6-4C37-98EE-2D91EB860ED7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{15D5CB0A-EE97-41B9-84A7-F3209F4E28DF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{480471BB-5B16-46E4-BC38-99D9546388D8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{6037FE3D-3C5F-488D-8CF6-A184EB59065E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{4F83D499-BE14-468A-9CBD-C38CB9189DFC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{8B8D4BE3-517E-4498-BE11-F924F6348A70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{047A5E8C-5A35-42BA-9A90-E5E11A6F1AF9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CA2BB20-6ED3-4C21-9E39-CACE84FE1DA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9117A4B7-901D-46A1-B98B-B2DBB7A9EF34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP - Installer for ACDSee Commander Standard 2018] => (Allow) C:\Program Files (x86)\ACD Systems\ACDSee\21.0\ACDSeeCommander21.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Standard 2018] => (Allow) C:\Program Files (x86)\ACD Systems\ACDSee\21.0\ACDSeeCommander21.exe (ACD Systems International Inc. -> )
FirewallRules: [{20418562-6B53-45A5-9EBD-3A041292477D}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11b\FAXRX.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{193D4E60-E61A-4019-BBF3-5A46BB6F42EE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11b\FAXRX.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{EA36E527-DD8C-4631-B9CD-5607E27D62A3}] => (Allow) LPort=54925
FirewallRules: [{7B9C1458-4177-499B-8A36-917366B4B36C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBFF472E-A62F-4999-925B-B4E43C98DF72}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{77C54AA8-556C-4E56-B713-97FA1E9D66FC}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{93734287-7765-478E-A0EF-BCE1B37EB152}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{12D4C549-7319-474E-B78C-CA555FDDAD6C}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C5DD2062-E7D9-44A4-B05F-7A94CD0FEC39}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{164AE06C-5639-4E6C-9A9B-CD5917B42D56}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{52447D45-72B4-4A68-85E4-B70E47C732B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files\River Past\Cam Do\CamDo.exe] => Enabled:River Past Cam Do
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Converter\MP4Downloader.exe] => Enabled:MP4 Downloader

==================== Restore Points =========================

23-02-2019 19:45:01 Intel(R) Technology Access
25-02-2019 21:33:56 Intel(R) Technology Access
27-02-2019 12:30:55 Intel(R) Technology Access
04-03-2019 17:13:00 Intel(R) Technology Access
09-03-2019 16:53:40 Intel(R) Technology Access

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/11/2019 12:22:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.2.0.765, časové razítko: 0x5c508d96
Název chybujícího modulu: SPControllerImpl.dll, verze: 3.1.0.221, časové razítko: 0x5c4a33c0
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000020319
ID chybujícího procesu: 0x161c
Čas spuštění chybující aplikace: 0x01d4d7fcaafbf9c9
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SPControllerImpl.dll
ID zprávy: f267b401-43ef-11e9-8322-f8a963dfcb34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/11/2019 12:00:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20413 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 5cc

Čas spuštění: 01d4d7f8dcd747a9

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: d5fc0552-43ec-11e9-8321-f8a963dfcb34

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/11/2019 09:12:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13375

Error: (03/11/2019 09:12:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13375

Error: (03/11/2019 09:12:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2019 09:12:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12359

Error: (03/11/2019 09:12:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12359

Error: (03/11/2019 09:12:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/11/2019 12:09:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/11/2019 12:08:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla spuštěna.

Error: (03/11/2019 12:08:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2019 12:08:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/11/2019 12:08:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Quick Access Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2019 12:08:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Technology Access Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/11/2019 12:08:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba User Experience Improvement Program byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2019 12:08:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BrYNSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2018-02-22 17:03:08.237
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-22 17:03:06.922
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-22 16:57:56.915
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-22 16:57:24.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-22 16:57:24.120
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-22 07:44:15.385
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-22 07:44:15.292
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-21 11:55:53.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 90%
Total physical RAM: 1931.2 MB
Available physical RAM: 186.9 MB
Total Virtual: 3787.2 MB
Available Virtual: 1851.55 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.49 GB) (Free:313.95 GB) NTFS

\\?\Volume{de402f1a-c205-44a4-abcf-bb3f931e853b}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.29 GB) NTFS
\\?\Volume{4dddc440-c9a6-4612-b5d0-b4018a15034a}\ (Push Button Reset) (Fixed) (Total:16.27 GB) (Free:2.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 96604FE3)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Level 2
Level 2
Příspěvky: 166
Registrován: říjen 08
Pohlaví: Nespecifikováno

Re: Kontrola logu - pomalé NTB

Příspěvekod Diallix » 13 bře 2019 01:33

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:

C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Bonjour

SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\7vu01vy5.default -> about:newtab
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
Task: {3FE9453C-33D0-47CC-A5ED-D07962551EE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D74603A2-685D-43D2-8FC2-410A46D746E8} - System32\Tasks\{7FC763E8-3D48-495A-BF6F-4FABA3858CC4} => C:\Windows\system32\pcalua.exe -a C:\Games\Resurrection\fores.exe -d C:\Games\Resurrection
Task: {C79F8756-D0A7-4EAE-BC9F-38F24E4C761C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B1931396-0000-4057-9EF5-4D22F0577A45} - System32\Tasks\{9BF22518-26A5-42C6-950B-8F778881B9DF} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\MafiaCon.exe -d C:\Games\Mafia
Task: {552B0003-CEB3-4E7D-AE6C-CE54FAC5F66B} - System32\Tasks\{41C49F0C-EC94-400A-AB14-4727A9746D32} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d C:\Games\Mafia
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\mamka Blanka\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
FirewallRules: [{80A01594-CD1A-4241-9429-E0C6A9B903BB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AAC8262B-110B-4178-904D-063C1864B1E2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{CF6513B0-270B-4F84-8FBE-4943356EEEBE}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{1A39100C-CEB1-4D46-A3F2-A71A6C335C44}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No FiLE
FirewallRules: [{B3482CEE-2856-4413-8D8C-1C70109EA854}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{C3ED90F2-9B5B-4864-B616-99EC58D8D519}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{193D9620-2F29-41C9-8F5A-27CFDBB94718}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{4F0EFD9F-6A5E-47CA-977D-45B95AD117D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{8B8D4BE3-517E-4498-BE11-F924F6348A70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{047A5E8C-5A35-42BA-9A90-E5E11A6F1AF9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CA2BB20-6ED3-4C21-9E39-CACE84FE1DA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9117A4B7-901D-46A1-B98B-B2DBB7A9EF34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:


Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu:CyberSecurity UNIT
----
Bezpečnostná autorita fóra viry.cz Certifikát
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

macwix
Level 1
Level 1
Příspěvky: 57
Registrován: listopad 10
Pohlaví: Muž

Re: Kontrola logu - pomalé NTB

Příspěvekod macwix » 16 bře 2019 14:28

Tak tady fixlog z FRST:
Díky!

Fix result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by mamka Blanka (16-03-2019 14:12:28) Run:1
Running from C:\Users\mamka Blanka\Desktop
Loaded Profiles: mamka Blanka & (Available Profiles: mamka Blanka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Bonjour

SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\7vu01vy5.default -> about:newtab
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
Task: {3FE9453C-33D0-47CC-A5ED-D07962551EE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D74603A2-685D-43D2-8FC2-410A46D746E8} - System32\Tasks\{7FC763E8-3D48-495A-BF6F-4FABA3858CC4} => C:\Windows\system32\pcalua.exe -a C:\Games\Resurrection\fores.exe -d C:\Games\Resurrection
Task: {C79F8756-D0A7-4EAE-BC9F-38F24E4C761C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B1931396-0000-4057-9EF5-4D22F0577A45} - System32\Tasks\{9BF22518-26A5-42C6-950B-8F778881B9DF} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\MafiaCon.exe -d C:\Games\Mafia
Task: {552B0003-CEB3-4E7D-AE6C-CE54FAC5F66B} - System32\Tasks\{41C49F0C-EC94-400A-AB14-4727A9746D32} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d C:\Games\Mafia
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-4014956357-3707534637-2810121870-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\mamka Blanka\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
FirewallRules: [{80A01594-CD1A-4241-9429-E0C6A9B903BB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AAC8262B-110B-4178-904D-063C1864B1E2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{CF6513B0-270B-4F84-8FBE-4943356EEEBE}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{1A39100C-CEB1-4D46-A3F2-A71A6C335C44}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No FiLE
FirewallRules: [{B3482CEE-2856-4413-8D8C-1C70109EA854}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{C3ED90F2-9B5B-4864-B616-99EC58D8D519}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{193D9620-2F29-41C9-8F5A-27CFDBB94718}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{4F0EFD9F-6A5E-47CA-977D-45B95AD117D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe No File
FirewallRules: [{8B8D4BE3-517E-4498-BE11-F924F6348A70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{047A5E8C-5A35-42BA-9A90-E5E11A6F1AF9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CA2BB20-6ED3-4C21-9E39-CACE84FE1DA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9117A4B7-901D-46A1-B98B-B2DBB7A9EF34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:

*****************

Processes closed successfully.
Restore point was successfully created.
C:\Program Files\Bonjour\mDNSResponder.exe => moved successfully
C:\Program Files\Bonjour => moved successfully
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-4014956357-3707534637-2810121870-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Firefox newtab" => removed successfully
HKLM\System\CurrentControlSet\Services\npf => removed successfully
npf => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FE9453C-33D0-47CC-A5ED-D07962551EE5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FE9453C-33D0-47CC-A5ED-D07962551EE5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D74603A2-685D-43D2-8FC2-410A46D746E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D74603A2-685D-43D2-8FC2-410A46D746E8}" => removed successfully
C:\Windows\System32\Tasks\{7FC763E8-3D48-495A-BF6F-4FABA3858CC4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7FC763E8-3D48-495A-BF6F-4FABA3858CC4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C79F8756-D0A7-4EAE-BC9F-38F24E4C761C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C79F8756-D0A7-4EAE-BC9F-38F24E4C761C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1931396-0000-4057-9EF5-4D22F0577A45}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1931396-0000-4057-9EF5-4D22F0577A45}" => removed successfully
C:\Windows\System32\Tasks\{9BF22518-26A5-42C6-950B-8F778881B9DF} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9BF22518-26A5-42C6-950B-8F778881B9DF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{552B0003-CEB3-4E7D-AE6C-CE54FAC5F66B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{552B0003-CEB3-4E7D-AE6C-CE54FAC5F66B}" => removed successfully
C:\Windows\System32\Tasks\{41C49F0C-EC94-400A-AB14-4727A9746D32} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{41C49F0C-EC94-400A-AB14-4727A9746D32}" => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKU\S-1-5-21-4014956357-3707534637-2810121870-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80A01594-CD1A-4241-9429-E0C6A9B903BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAC8262B-110B-4178-904D-063C1864B1E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF6513B0-270B-4F84-8FBE-4943356EEEBE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A39100C-CEB1-4D46-A3F2-A71A6C335C44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3482CEE-2856-4413-8D8C-1C70109EA854}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3ED90F2-9B5B-4864-B616-99EC58D8D519}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{193D9620-2F29-41C9-8F5A-27CFDBB94718}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F0EFD9F-6A5E-47CA-977D-45B95AD117D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B8D4BE3-517E-4498-BE11-F924F6348A70}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{047A5E8C-5A35-42BA-9A90-E5E11A6F1AF9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5CA2BB20-6ED3-4C21-9E39-CACE84FE1DA7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9117A4B7-901D-46A1-B98B-B2DBB7A9EF34}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 384126298 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1261316 B
Edge => 0 B
Chrome => 5182120 B
Firefox => 1116724680 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 480420 B
NetworkService => 1056 B
mamka Blanka => 10144292 B

RecycleBin => 74403509 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:18:53 ====

Uživatelský avatar
Diallix
Level 2
Level 2
Příspěvky: 166
Registrován: říjen 08
Pohlaví: Nespecifikováno

Re: Kontrola logu - pomalé NTB

Příspěvekod Diallix » 16 bře 2019 16:49

Super, ako je na tom system?
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu:CyberSecurity UNIT
----
Bezpečnostná autorita fóra viry.cz Certifikát
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

macwix
Level 1
Level 1
Příspěvky: 57
Registrován: listopad 10
Pohlaví: Muž

Re: Kontrola logu - pomalé NTB  Vyřešeno

Příspěvekod macwix » 16 bře 2019 21:13

Jede to líp. Díky moc!

Uživatelský avatar
Diallix
Level 2
Level 2
Příspěvky: 166
Registrován: říjen 08
Pohlaví: Nespecifikováno

Re: Kontrola logu - pomalé NTB

Příspěvekod Diallix » 17 bře 2019 07:00

Nemate zac :]]
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu:CyberSecurity UNIT
----
Bezpečnostná autorita fóra viry.cz Certifikát
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Uživatelský avatar
Diallix
Level 2
Level 2
Příspěvky: 166
Registrován: říjen 08
Pohlaví: Nespecifikováno

Re: Kontrola logu - pomalé NTB

Příspěvekod Diallix » 17 bře 2019 07:00

Nemate zac :]]
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu:CyberSecurity UNIT
----
Bezpečnostná autorita fóra viry.cz Certifikát
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 11 hostů