Já chtěl log při výmazu , ne sken , případně ten script udělej ještě jednou.
// teď jsem si všiml , že si vůbec nedal adition.txt , ale 2x scan result frst..už předtím..
takže uděklej nový sken a vlož sem oba logy.
Nejdou háčky Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Nejdou háčky
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Nejdou háčky
Tak už nevím. Udělal jsem znovu FRST a v Log je pouze toto a ten exe nejde spustit. Píše došlo k chybě.
- Přílohy
-
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Nejdou háčky
Smaž frst z plochy ( máš jí vůbec na ploše?) , smaž celou složku frst na C:/.
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
ty logy se Ti musí po chvíli ukázat samy na ploše...
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
ty logy se Ti musí po chvíli ukázat samy na ploše...
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Nejdou háčky
Tak jsem se zas dostal k PC. Snad už se to povedlo
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by mpmus (20-12-2019 10:04:01)
Running from C:\Users\mpmus\OneDrive\Plocha
Windows 10 Home Version 1903 18362.535 (X64) (2019-06-27 18:35:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3628173932-496747200-3867910086-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3628173932-496747200-3867910086-503 - Limited - Disabled)
Guest (S-1-5-21-3628173932-496747200-3867910086-501 - Limited - Disabled)
mpmus (S-1-5-21-3628173932-496747200-3867910086-1001 - Administrator - Enabled) => C:\Users\mpmus
WDAGUtilityAccount (S-1-5-21-3628173932-496747200-3867910086-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2056, 18.12.2017 - AIMP DevTeam)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
eIMAGE Recovery (HKLM-x32\...\eIMAGE Recovery) (Version: 3 - OctaneSoft Ltd.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.4.5 - CEWE Stiftung u Co. KGaA)
Garmin BaseCamp (HKLM-x32\...\{25931634-b363-4840-9e62-4c52abaeffc3}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{B6A0787C-1CD0-4999-B585-677C20139BA5}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Moveslink2 (HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\72ba98056758d55b) (Version: 1.5.0.318 - Suunto)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
Odinstalace tiskárny EPSON SX535WD Series (HKLM\...\EPSON SX535WD Series) (Version: - SEIKO EPSON Corporation)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Daum Communications Corp.)
PRO100 (HKLM-x32\...\{B3DBB43D-9451-45D0-B5A9-6413C98D091B}) (Version: 1.0.0 - Ecru)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.1.0.0 - ASCOMP Software GmbH)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Suuntolink (HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Suuntolink) (Version: 2.24.3 - Suunto)
TOPO Czech PRO 2013 (HKLM-x32\...\{1278ABFC-E3E6-434B-A302-BB0E4949B87D}) (Version: 7.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12 (HKLM-x32\...\InstallShield_{74F541C8-EB78-4606-8234-0955ED803787}) (Version: 12.1 - IMSIDesign)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.6 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1804.2.61 - ZONER software)
Packages:
=========
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_6.12.23.0_x64__refxrrjvvv3cw [2019-10-03] (Seznam.cz a.s.)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-07-15] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-30] (Thumbmunkeys Ltd) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-05-13] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-05-13] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> )
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-07 15:38 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2019-05-17 16:54 - 2012-11-12 14:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-05-17 16:54 - 2012-10-22 16:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-01-06 17:43 - 2019-11-17 17:07 - 000000841 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.20.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0BEA436D-2978-4718-BB09-1B7BC8FA6164}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E8ED21E-92B9-4D99-8B9A-BE18D885FF30}] => (Allow) LPort=1900
FirewallRules: [{B6B4F8AF-0B00-447B-8492-FC1164849FAB}] => (Allow) LPort=2869
FirewallRules: [{8F99A760-7668-4AED-B6C8-7812E6050447}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B845EF11-2B19-4203-B620-85AF6CCDE8B0}] => (Allow) C:\Program Files (x86)\iibiMuRxEo.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{91C53597-CF24-45DC-9667-646B067F2383}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{371ED633-669B-4AAC-983C-AD4DDCD332BE}] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [Daum PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [{3214A953-EDB5-4571-BE2B-9732F7F1F374}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{F00377D3-89AC-4AF5-8AFE-9BD0C0643058}C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{47E09F68-55C2-4B2C-9C44-A3530B37AF0A}C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{28C9ED06-40A9-42ED-9D07-3475C8575451}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{095B1518-26E3-463E-A488-49C7730E6DA3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{73BC15C8-0FA7-4E7D-9C1D-0DC789F80B3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-11-2019 16:44:29 JRT Pre-Junkware Removal
03-12-2019 17:41:06 Restore Point Created by FRST
04-12-2019 17:48:14 Restore Point Created by FRST
04-12-2019 17:58:06 Restore Point Created by FRST
04-12-2019 19:09:38 Restore Point Created by FRST
05-12-2019 11:30:17 Restore Point Created by FRST
12-12-2019 15:49:50 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/20/2019 09:58:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4828,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 09:54:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 09:37:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 09:29:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1236,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 08:47:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 07:46:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/15/2019 07:32:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10916,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/15/2019 07:22:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12620,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/05/2019 11:33:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain byla ukončena s následující chybou:
Parametr není správný.
Error: (12/05/2019 11:30:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/05/2019 11:30:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wireless Keyboard 850 Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2019 11:30:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2019 11:30:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (12/04/2019 07:10:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/04/2019 07:10:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/04/2019 07:09:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Windows Defender:
===================================
Date: 2019-12-19 09:53:09.383
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CA573443-A14B-405A-8EB4-F43E22E897DC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-05 11:30:21.970
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:30:21.970Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-05 11:20:56.165
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:20:56.165Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-05 11:20:49.802
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:20:49.801Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-05 11:20:43.457
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:20:43.456Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-04 18:02:54.030
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2019-12-20 10:03:05.532
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:03:04.623
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:03:01.253
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:59.634
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:59.288
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:58.733
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:58.235
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:57.832
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.10 08/30/2017
Motherboard: ASRock A320M-HDV
Processor: AMD Ryzen 3 1300X Quad-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 8125.1 MB
Available physical RAM: 4966.55 MB
Total Virtual: 8637.1 MB
Available Virtual: 4931.38 MB
==================== Drives ================================
Drive c: (SSD_Windows) (Fixed) (Total:110.39 GB) (Free:58.54 GB) NTFS
Drive d: (HDD_1TB) (Fixed) (Total:931.51 GB) (Free:691.71 GB) NTFS
Drive e: (HDD_Pracovní) (Fixed) (Total:465.76 GB) (Free:91.87 GB) NTFS
Drive f: (Transcend 500GB) (Fixed) (Total:465.76 GB) (Free:258.19 GB) NTFS
\\?\Volume{365404e6-e053-4bbd-a4c9-464a57272c18}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{98a06007-017f-41e9-9212-077bc28c85e8}\ () (Fixed) (Total:0.8 GB) (Free:0.41 GB) NTFS
\\?\Volume{bdf8228a-2751-42c8-b79e-e4566e492fb5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7841F661)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 972732EE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by mpmus (20-12-2019 10:04:01)
Running from C:\Users\mpmus\OneDrive\Plocha
Windows 10 Home Version 1903 18362.535 (X64) (2019-06-27 18:35:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3628173932-496747200-3867910086-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3628173932-496747200-3867910086-503 - Limited - Disabled)
Guest (S-1-5-21-3628173932-496747200-3867910086-501 - Limited - Disabled)
mpmus (S-1-5-21-3628173932-496747200-3867910086-1001 - Administrator - Enabled) => C:\Users\mpmus
WDAGUtilityAccount (S-1-5-21-3628173932-496747200-3867910086-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2056, 18.12.2017 - AIMP DevTeam)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
eIMAGE Recovery (HKLM-x32\...\eIMAGE Recovery) (Version: 3 - OctaneSoft Ltd.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.4.5 - CEWE Stiftung u Co. KGaA)
Garmin BaseCamp (HKLM-x32\...\{25931634-b363-4840-9e62-4c52abaeffc3}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{B6A0787C-1CD0-4999-B585-677C20139BA5}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Moveslink2 (HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\72ba98056758d55b) (Version: 1.5.0.318 - Suunto)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
Odinstalace tiskárny EPSON SX535WD Series (HKLM\...\EPSON SX535WD Series) (Version: - SEIKO EPSON Corporation)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Daum Communications Corp.)
PRO100 (HKLM-x32\...\{B3DBB43D-9451-45D0-B5A9-6413C98D091B}) (Version: 1.0.0 - Ecru)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.1.0.0 - ASCOMP Software GmbH)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Suuntolink (HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Suuntolink) (Version: 2.24.3 - Suunto)
TOPO Czech PRO 2013 (HKLM-x32\...\{1278ABFC-E3E6-434B-A302-BB0E4949B87D}) (Version: 7.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12 (HKLM-x32\...\InstallShield_{74F541C8-EB78-4606-8234-0955ED803787}) (Version: 12.1 - IMSIDesign)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.6 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1804.2.61 - ZONER software)
Packages:
=========
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_6.12.23.0_x64__refxrrjvvv3cw [2019-10-03] (Seznam.cz a.s.)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-07-15] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-30] (Thumbmunkeys Ltd) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-05-13] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-05-13] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> )
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-07 15:38 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2019-05-17 16:54 - 2012-11-12 14:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-05-17 16:54 - 2012-10-22 16:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-01-06 17:43 - 2019-11-17 17:07 - 000000841 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.20.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0BEA436D-2978-4718-BB09-1B7BC8FA6164}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E8ED21E-92B9-4D99-8B9A-BE18D885FF30}] => (Allow) LPort=1900
FirewallRules: [{B6B4F8AF-0B00-447B-8492-FC1164849FAB}] => (Allow) LPort=2869
FirewallRules: [{8F99A760-7668-4AED-B6C8-7812E6050447}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B845EF11-2B19-4203-B620-85AF6CCDE8B0}] => (Allow) C:\Program Files (x86)\iibiMuRxEo.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{91C53597-CF24-45DC-9667-646B067F2383}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{371ED633-669B-4AAC-983C-AD4DDCD332BE}] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [Daum PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [{3214A953-EDB5-4571-BE2B-9732F7F1F374}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{F00377D3-89AC-4AF5-8AFE-9BD0C0643058}C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{47E09F68-55C2-4B2C-9C44-A3530B37AF0A}C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mpmus\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{28C9ED06-40A9-42ED-9D07-3475C8575451}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{095B1518-26E3-463E-A488-49C7730E6DA3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{73BC15C8-0FA7-4E7D-9C1D-0DC789F80B3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-11-2019 16:44:29 JRT Pre-Junkware Removal
03-12-2019 17:41:06 Restore Point Created by FRST
04-12-2019 17:48:14 Restore Point Created by FRST
04-12-2019 17:58:06 Restore Point Created by FRST
04-12-2019 19:09:38 Restore Point Created by FRST
05-12-2019 11:30:17 Restore Point Created by FRST
12-12-2019 15:49:50 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/20/2019 09:58:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4828,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 09:54:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 09:37:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 09:29:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1236,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 08:47:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/19/2019 07:46:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/15/2019 07:32:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10916,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/15/2019 07:22:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12620,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/05/2019 11:33:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain byla ukončena s následující chybou:
Parametr není správný.
Error: (12/05/2019 11:30:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/05/2019 11:30:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wireless Keyboard 850 Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2019 11:30:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2019 11:30:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (12/04/2019 07:10:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (12/04/2019 07:10:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (12/04/2019 07:09:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Windows Defender:
===================================
Date: 2019-12-19 09:53:09.383
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CA573443-A14B-405A-8EB4-F43E22E897DC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-05 11:30:21.970
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:30:21.970Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-05 11:20:56.165
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:20:56.165Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-05 11:20:49.802
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:20:49.801Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-05 11:20:43.457
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\mpmus\OneDrive\Plocha\FRST64.exe možnost upravit %userprofile%\OneDrive\Plocha\.
Čas detekce: 2019-12-05T10:20:43.456Z
Uživatel: DESKTOP-I3KG49D\mpmus
Cesta: %userprofile%\OneDrive\Plocha\
Název procesu: C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: 1.305.3350.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4
Date: 2019-12-04 18:02:54.030
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2019-12-20 10:03:05.532
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:03:04.623
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:03:01.253
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:59.634
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:59.288
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:58.733
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:58.235
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-20 10:02:57.832
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.10 08/30/2017
Motherboard: ASRock A320M-HDV
Processor: AMD Ryzen 3 1300X Quad-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 8125.1 MB
Available physical RAM: 4966.55 MB
Total Virtual: 8637.1 MB
Available Virtual: 4931.38 MB
==================== Drives ================================
Drive c: (SSD_Windows) (Fixed) (Total:110.39 GB) (Free:58.54 GB) NTFS
Drive d: (HDD_1TB) (Fixed) (Total:931.51 GB) (Free:691.71 GB) NTFS
Drive e: (HDD_Pracovní) (Fixed) (Total:465.76 GB) (Free:91.87 GB) NTFS
Drive f: (Transcend 500GB) (Fixed) (Total:465.76 GB) (Free:258.19 GB) NTFS
\\?\Volume{365404e6-e053-4bbd-a4c9-464a57272c18}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{98a06007-017f-41e9-9212-077bc28c85e8}\ () (Fixed) (Total:0.8 GB) (Free:0.41 GB) NTFS
\\?\Volume{bdf8228a-2751-42c8-b79e-e4566e492fb5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7841F661)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 972732EE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Nejdou háčky
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by mpmus (administrator) on DESKTOP-I3KG49D (20-12-2019 10:03:15)
Running from C:\Users\mpmus\OneDrive\Plocha
Loaded Profiles: mpmus (Available Profiles: mpmus)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mpmus\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mpmus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE
(Suunto Oy -> ) C:\Users\mpmus\AppData\Local\Suuntolink\app-2.24.3\resources\app\LaunchAgents\SuuntolinkLauncher.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [SuuntolinkLauncher] => C:\Users\mpmus\AppData\Local\Suuntolink\app-2.24.3\resources\app\LaunchAgents\SuuntolinkLauncher.exe [1298544 2019-09-30] (Suunto Oy -> )
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2019-05-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2019-05-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2019-05-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C072205-22D2-4696-8374-E8BD40B130F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {39BA8B93-9F6A-4ABD-945F-DA141282AE20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {46F515DB-04AD-42C4-BCEF-EF5BE0F980CA} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {55691A20-1E6B-46FD-B4D8-F6C0521DD798} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB0E4CCC-43B1-4C46-B8DF-119F033B63FF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {EF6D143D-B425-4D41-A612-457E3B9B1F5E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {FD576412-C65C-436F-A2C9-B965E8CD70C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {FF5DB587-BD90-41EB-9505-C15F73ED88F4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 8.8.8.8
Tcpip\..\Interfaces\{96214b12-95a5-4248-b8cc-8bf752124d8f}: [DhcpNameServer] 192.168.20.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... A5BC7E10B0
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\mpmus\Downloads
FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/","hxxps://images.google.cz/","hxxps://uloz.to/","hxxps://www.youtube.com/?gl=CZ&hl=cs","hxxps://obchod.valka.cz/","hxxps://tracker.cztorrent.net/","hxxps://www.facebook.com/","hxxps://best.aliexpress.com/","hxxps://www.modelforum.cz/","hxxps://tracker.cztorrent.net/torrents","hxxps://www.mn-modelar.cz/","hxxps://mapy.cz/","hxxp://www.movescount.com/cs/gear/gear3660766-Suunto_Traverse","hxxps://www.bike-forum.cz/forum/prehled/aktualni"
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Profile: C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default [2019-12-20]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2019-11-17]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-11-17] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-16] (Disc Soft Ltd -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-11-21] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-20 10:02 - 2019-12-20 10:03 - 000000000 ____D C:\FRST
2019-12-20 09:49 - 2019-12-20 09:49 - 000000000 ___HD C:\OneDriveTemp
2019-12-20 09:48 - 2019-12-20 09:48 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-15 12:00 - 2019-12-19 09:43 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-15 12:00 - 2019-12-19 09:43 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 16:01 - 2019-12-12 16:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-12-12 16:01 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-12 16:01 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-12 16:01 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-12 16:01 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-12 16:01 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-12 16:01 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-12 16:01 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-12 16:01 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 011059640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 009492896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 002041784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001721816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443200.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001543424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001472200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001468504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443200.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001164160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001135816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000914336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000822232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000633728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000544160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000523520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000055448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 035269832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 020194712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 017471576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 005425808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 004768160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-12 16:00 - 2019-10-04 16:51 - 004342528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 15:56 - 2019-12-12 15:56 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 15:56 - 2019-12-12 15:56 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-20 10:03 - 2019-11-17 17:29 - 000093243 _____ C:\WINDOWS\ZAM.krnl.trace
2019-12-20 10:03 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-20 09:53 - 2019-06-27 19:37 - 002610702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-20 09:53 - 2019-06-27 16:19 - 000763952 _____ C:\WINDOWS\system32\perfh019.dat
2019-12-20 09:53 - 2019-06-27 16:19 - 000152804 _____ C:\WINDOWS\system32\perfc019.dat
2019-12-20 09:53 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-20 09:53 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-20 09:53 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-20 09:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-12-20 09:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-20 09:49 - 2019-01-06 18:26 - 000000000 ___RD C:\Users\mpmus\OneDrive
2019-12-20 09:48 - 2019-06-27 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-20 09:48 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-20 09:48 - 2019-01-06 18:17 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-19 09:43 - 2019-11-17 17:29 - 000002522 _____ C:\WINDOWS\system32\Tasks\AMHelper
2019-12-19 09:43 - 2019-06-27 19:35 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-19 09:43 - 2019-06-27 19:35 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3628173932-496747200-3867910086-1001
2019-12-19 09:43 - 2019-06-27 19:35 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-19 09:43 - 2019-06-27 19:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-12-19 08:20 - 2019-06-27 19:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-19 07:38 - 2019-02-09 18:03 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 07:38 - 2019-01-06 18:33 - 000000000 ____D C:\Program Files\CCleaner
2019-12-15 11:57 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-13 13:09 - 2019-01-06 18:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-13 12:59 - 2019-01-06 18:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 12:59 - 2019-01-06 18:24 - 000000000 ___RD C:\Users\mpmus\3D Objects
2019-12-13 12:58 - 2019-06-27 19:29 - 000438800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 18:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 18:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 18:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 18:02 - 2019-01-06 18:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-12 16:02 - 2019-01-23 16:26 - 000000000 ____D C:\Users\mpmus\AppData\Local\CrashDumps
2019-12-12 16:02 - 2019-01-06 18:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-12 16:01 - 2019-01-06 18:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-12 16:00 - 2019-01-07 17:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 15:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 15:58 - 2019-01-07 17:40 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 15:58 - 2019-01-06 18:24 - 000000000 ____D C:\Users\mpmus\AppData\Local\Packages
==================== Files in the root of some directories ========
1601-01-03 21:26 - 1601-01-03 21:26 - 000078336 _____ (Microsoft Corporation) C:\Program Files (x86)\iibiMuRxEo.exe
2019-02-09 17:44 - 2019-02-09 17:44 - 000000003 _____ () C:\Users\mpmus\AppData\Local\wbem.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by mpmus (administrator) on DESKTOP-I3KG49D (20-12-2019 10:03:15)
Running from C:\Users\mpmus\OneDrive\Plocha
Loaded Profiles: mpmus (Available Profiles: mpmus)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mpmus\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mpmus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE
(Suunto Oy -> ) C:\Users\mpmus\AppData\Local\Suuntolink\app-2.24.3\resources\app\LaunchAgents\SuuntolinkLauncher.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [SuuntolinkLauncher] => C:\Users\mpmus\AppData\Local\Suuntolink\app-2.24.3\resources\app\LaunchAgents\SuuntolinkLauncher.exe [1298544 2019-09-30] (Suunto Oy -> )
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2019-05-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2019-05-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2019-05-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C072205-22D2-4696-8374-E8BD40B130F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {39BA8B93-9F6A-4ABD-945F-DA141282AE20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {46F515DB-04AD-42C4-BCEF-EF5BE0F980CA} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {55691A20-1E6B-46FD-B4D8-F6C0521DD798} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB0E4CCC-43B1-4C46-B8DF-119F033B63FF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {EF6D143D-B425-4D41-A612-457E3B9B1F5E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {FD576412-C65C-436F-A2C9-B965E8CD70C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {FF5DB587-BD90-41EB-9505-C15F73ED88F4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 8.8.8.8
Tcpip\..\Interfaces\{96214b12-95a5-4248-b8cc-8bf752124d8f}: [DhcpNameServer] 192.168.20.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-3628173932-496747200-3867910086-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... A5BC7E10B0
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\mpmus\Downloads
FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/","hxxps://images.google.cz/","hxxps://uloz.to/","hxxps://www.youtube.com/?gl=CZ&hl=cs","hxxps://obchod.valka.cz/","hxxps://tracker.cztorrent.net/","hxxps://www.facebook.com/","hxxps://best.aliexpress.com/","hxxps://www.modelforum.cz/","hxxps://tracker.cztorrent.net/torrents","hxxps://www.mn-modelar.cz/","hxxps://mapy.cz/","hxxp://www.movescount.com/cs/gear/gear3660766-Suunto_Traverse","hxxps://www.bike-forum.cz/forum/prehled/aktualni"
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Profile: C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default [2019-12-20]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2019-11-17]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\mpmus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-11-17] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-16] (Disc Soft Ltd -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-11-21] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-20 10:02 - 2019-12-20 10:03 - 000000000 ____D C:\FRST
2019-12-20 09:49 - 2019-12-20 09:49 - 000000000 ___HD C:\OneDriveTemp
2019-12-20 09:48 - 2019-12-20 09:48 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-15 12:00 - 2019-12-19 09:43 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-15 12:00 - 2019-12-19 09:43 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 16:01 - 2019-12-12 16:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-12-12 16:01 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-12 16:01 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-12 16:01 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-12 16:01 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-12 16:01 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-12 16:01 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-12 16:01 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-12 16:01 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 011059640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 009492896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-12 16:00 - 2019-10-04 16:54 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 002041784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001721816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443200.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001543424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001472200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001468504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443200.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001164160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 001135816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000914336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000822232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000633728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000544160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000523520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-12 16:00 - 2019-10-04 16:53 - 000055448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 035269832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 020194712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 017471576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 005425808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-12 16:00 - 2019-10-04 16:52 - 004768160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-12 16:00 - 2019-10-04 16:51 - 004342528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 15:56 - 2019-12-12 15:56 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 15:56 - 2019-12-12 15:56 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 15:56 - 2019-12-12 15:56 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 15:56 - 2019-12-12 15:56 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 15:56 - 2019-12-12 15:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-20 10:03 - 2019-11-17 17:29 - 000093243 _____ C:\WINDOWS\ZAM.krnl.trace
2019-12-20 10:03 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-20 09:53 - 2019-06-27 19:37 - 002610702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-20 09:53 - 2019-06-27 16:19 - 000763952 _____ C:\WINDOWS\system32\perfh019.dat
2019-12-20 09:53 - 2019-06-27 16:19 - 000152804 _____ C:\WINDOWS\system32\perfc019.dat
2019-12-20 09:53 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-20 09:53 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-20 09:53 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-20 09:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-12-20 09:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-20 09:49 - 2019-01-06 18:26 - 000000000 ___RD C:\Users\mpmus\OneDrive
2019-12-20 09:48 - 2019-06-27 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-20 09:48 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-20 09:48 - 2019-01-06 18:17 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-19 09:43 - 2019-11-17 17:29 - 000002522 _____ C:\WINDOWS\system32\Tasks\AMHelper
2019-12-19 09:43 - 2019-06-27 19:35 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-19 09:43 - 2019-06-27 19:35 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3628173932-496747200-3867910086-1001
2019-12-19 09:43 - 2019-06-27 19:35 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-19 09:43 - 2019-06-27 19:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-12-19 08:20 - 2019-06-27 19:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-19 07:38 - 2019-02-09 18:03 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 07:38 - 2019-01-06 18:33 - 000000000 ____D C:\Program Files\CCleaner
2019-12-15 11:57 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-13 13:09 - 2019-01-06 18:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-13 12:59 - 2019-01-06 18:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 12:59 - 2019-01-06 18:24 - 000000000 ___RD C:\Users\mpmus\3D Objects
2019-12-13 12:58 - 2019-06-27 19:29 - 000438800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 18:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 18:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 18:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 18:02 - 2019-01-06 18:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-12 16:02 - 2019-01-23 16:26 - 000000000 ____D C:\Users\mpmus\AppData\Local\CrashDumps
2019-12-12 16:02 - 2019-01-06 18:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-12 16:01 - 2019-01-06 18:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-12 16:00 - 2019-01-07 17:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 15:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 15:58 - 2019-01-07 17:40 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 15:58 - 2019-01-06 18:24 - 000000000 ____D C:\Users\mpmus\AppData\Local\Packages
==================== Files in the root of some directories ========
1601-01-03 21:26 - 1601-01-03 21:26 - 000078336 _____ (Microsoft Corporation) C:\Program Files (x86)\iibiMuRxEo.exe
2019-02-09 17:44 - 2019-02-09 17:44 - 000000003 _____ () C:\Users\mpmus\AppData\Local\wbem.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Nejdou háčky
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CreateRestorePoint:
CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {39BA8B93-9F6A-4ABD-945F-DA141282AE20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {FD576412-C65C-436F-A2C9-B965E8CD70C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Nejdou háčky
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by mpmus (20-12-2019 19:03:02) Run:1
Running from C:\Users\mpmus\OneDrive\Plocha
Loaded Profiles: mpmus (Available Profiles: mpmus)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {39BA8B93-9F6A-4ABD-945F-DA141282AE20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {FD576412-C65C-436F-A2C9-B965E8CD70C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{39BA8B93-9F6A-4ABD-945F-DA141282AE20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39BA8B93-9F6A-4ABD-945F-DA141282AE20}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD576412-C65C-436F-A2C9-B965E8CD70C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD576412-C65C-436F-A2C9-B965E8CD70C2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46760810 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 27002873 B
Edge => 0 B
Chrome => 479190596 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16330 B
NetworkService => 32064 B
mpmus => 11524095 B
RecycleBin => 123979469 B
EmptyTemp: => 666.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:03:36 ====
Ran by mpmus (20-12-2019 19:03:02) Run:1
Running from C:\Users\mpmus\OneDrive\Plocha
Loaded Profiles: mpmus (Available Profiles: mpmus)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {39BA8B93-9F6A-4ABD-945F-DA141282AE20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
Task: {FD576412-C65C-436F-A2C9-B965E8CD70C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-09] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{39BA8B93-9F6A-4ABD-945F-DA141282AE20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39BA8B93-9F6A-4ABD-945F-DA141282AE20}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD576412-C65C-436F-A2C9-B965E8CD70C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD576412-C65C-436F-A2C9-B965E8CD70C2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46760810 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 27002873 B
Edge => 0 B
Chrome => 479190596 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16330 B
NetworkService => 32064 B
mpmus => 11524095 B
RecycleBin => 123979469 B
EmptyTemp: => 666.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:03:36 ====
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Nejdou háčky
Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Nejdou háčky
Myslíš háčky čárky? Ty už jdou.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Nejdou háčky
Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Nejdou háčky
# DelFix v1.013 - Logfile created 21/12/2019 at 07:49:26
# Updated 17/04/2016 by Xplode
# Username : mpmus - DESKTOP-I3KG49D
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\mpmus\OneDrive\Plocha\Addition.txt
Deleted : C:\Users\mpmus\OneDrive\Plocha\AdwCleaner – zástupce.lnk
Deleted : C:\Users\mpmus\OneDrive\Plocha\Fixlog.txt
Deleted : C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Deleted : C:\Users\mpmus\OneDrive\Plocha\JRT – zástupce.lnk
Deleted : C:\Users\mpmus\OneDrive\Plocha\RogueKiller_portable64.exe
Deleted : C:\Users\mpmus\OneDrive\Plocha\TFC – zástupce.lnk
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #16 [Naplánovaný kontrolní bod | 12/20/2019 12:58:43]
Deleted : RP #18 [Restore Point Created by FRST | 12/20/2019 18:03:02]
New restore point created !
########## - EOF - ##########
# Updated 17/04/2016 by Xplode
# Username : mpmus - DESKTOP-I3KG49D
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\mpmus\OneDrive\Plocha\Addition.txt
Deleted : C:\Users\mpmus\OneDrive\Plocha\AdwCleaner – zástupce.lnk
Deleted : C:\Users\mpmus\OneDrive\Plocha\Fixlog.txt
Deleted : C:\Users\mpmus\OneDrive\Plocha\FRST64.exe
Deleted : C:\Users\mpmus\OneDrive\Plocha\JRT – zástupce.lnk
Deleted : C:\Users\mpmus\OneDrive\Plocha\RogueKiller_portable64.exe
Deleted : C:\Users\mpmus\OneDrive\Plocha\TFC – zástupce.lnk
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #16 [Naplánovaný kontrolní bod | 12/20/2019 12:58:43]
Deleted : RP #18 [Restore Point Created by FRST | 12/20/2019 18:03:02]
New restore point created !
########## - EOF - ##########
Re: Nejdou háčky
Tím jsem se zbavil všeho toho smetí po tom čištění?
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů