Prosím o kontrolu logu

Příspěvekod **jaro3** » 12 říj 2017 22:36

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Reklama

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 11:24

Pokud bude po tomhle pc v poho, muzu uz tedy bezpecne platit kartou na netu atd? A nemusim se bat, ze mně nekdo ukradne udaje atd?

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 14:32

# DelFix v1.013 - Logfile created 13/10/2017 at 14:26:08
# Updated 17/04/2016 by Xplode
# Username : Ondra - ONDRA-10
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\32788R22FWJFW
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Ondra\Downloads\adwcleaner_6.047.exe
Deleted : HKCU\console_combofixbackup
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #99 [Windows Update | 10/07/2017 14:08:46]
Deleted : RP #100 [Installed Sophos Virus Removal Tool. | 10/10/2017 16:01:08]
Deleted : RP #101 [Windows Update | 10/11/2017 06:17:00]
Deleted : RP #102 [zoek.exe restore point | 10/11/2017 17:10:13]
Deleted : RP #103 [Windows Update | 10/12/2017 11:04:23]

New restore point created !

########## - EOF - ##########

Příspěvekod **jaro3** » 13 říj 2017 19:15

Mělo by být vše OK.

pokud chceš jistotu:
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 20:11

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-10-2017
Ran by Ondra (administrator) on ONDRA-10 (13-10-2017 20:09:24)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\x86\tmInstall.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HP KEYBOARDx] => C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM\...\Run: [HP Remote Solution] => C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-09] (Hewlett-Packard)
HKLM\...\Run: [HPSYSDRV] => C:\Program Files\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-11] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7685808 2017-09-20] (Piriform Ltd)
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.0.15
Tcpip\..\Interfaces\{7A6D465A-E939-4EB7-9470-CE92E8A97EC9}: [DhcpNameServer] 10.0.0.138 192.168.0.15

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09] (Hewlett-Packard)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-09-28] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-30] (Microsoft Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2017-04-09] (FreeDownloadManager.ORG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2015-11-07] [not signed]
FF HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: (Free Download Manager extension) - C:\Program Files\Free Download Manager\Firefox\Extension [2017-06-23]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-28] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-28] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default [2017-10-13]
CHR Extension: (Prezentace) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-11]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-11]
CHR Extension: (Handy Tab) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj [2017-10-11]
CHR Extension: (Avast SafePrice) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-12]
CHR Extension: (Tabulky) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-11]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-11]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-11]
CHR HKLM\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5828816 2017-10-11] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4939976 2017-09-08] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2012-04-03] (Intel Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [349520 2012-03-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [477056 2012-02-01] (Hewlett-Packard Company)
R2 HPFSService; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [372824 2012-03-09] (Hewlett-Packard)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4430792 2017-08-07] (Malwarebytes)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\x86\tmInstall.EXE [106144 2016-11-28] (Thrustmaster®)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [21096 2009-07-13] (The Within Network, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [255624 2017-10-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-10-11] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-10-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-10-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42856 2017-10-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [124952 2017-10-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99560 2017-10-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70864 2017-10-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777952 2017-10-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [499560 2017-10-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [149824 2017-10-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [297840 2017-10-11] (AVAST Software)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [51512 2012-01-31] (Hewlett-Packard Company)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2017-10-13] (Malwarebytes)
R3 MEI; C:\Windows\system32\drivers\HECI.sys [46080 2012-04-11] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\system32\Drivers\MfeEpeOpal.sys [72264 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\system32\Drivers\MfeEpePc.sys [110408 2012-03-22] (McAfee, Inc.)
S3 tmhidusb; C:\Windows\System32\DRIVERS\tmhidusb.sys [164512 2016-11-28] (Thrustmaster)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [25448 2009-07-13] ()
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-13 20:09 - 2017-10-13 20:10 - 000015389 _____ C:\Users\Ondra\Desktop\FRST.txt
2017-10-13 20:09 - 2017-10-13 20:09 - 000000000 ____D C:\FRST
2017-10-13 20:08 - 2017-10-13 20:08 - 001797632 _____ (Farbar) C:\Users\Ondra\Desktop\FRST.exe
2017-10-13 20:08 - 2017-10-13 20:08 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-13 14:15 - 2017-10-13 14:15 - 000000927 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-13 14:15 - 2017-10-13 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-10-13 14:15 - 2017-10-13 14:15 - 000000000 ____D C:\Program Files\CCleaner
2017-10-12 15:37 - 2017-10-12 15:37 - 000032079 _____ C:\Users\Ondra\Downloads\capek_loupeznik.jpeg
2017-10-12 15:10 - 2017-10-12 15:10 - 002092544 _____ C:\Users\Ondra\Downloads\karel capek.ppt
2017-10-12 15:04 - 2017-10-12 15:04 - 000000000 ____D C:\Users\Ondra\AppData\Local\PDFC
2017-10-11 19:39 - 2017-10-12 13:29 - 000000000 ____D C:\Windows\erdnt
2017-10-11 19:23 - 2017-10-11 19:23 - 000000000 ____D C:\ProgramData\HPQLOG
2017-10-11 19:20 - 2017-10-11 19:09 - 000024064 _____ C:\Windows\zoek-delete.exe
2017-10-11 18:27 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-10-11 18:27 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-11 18:27 - 2017-09-13 17:13 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-11 18:27 - 2017-09-13 17:13 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-11 18:27 - 2017-09-13 17:10 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-11 18:27 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-11 18:27 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-11 18:27 - 2017-09-13 16:53 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-11 18:27 - 2017-09-13 16:50 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 18:27 - 2017-09-13 16:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-11 18:27 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-11 18:27 - 2017-09-13 16:50 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-11 18:27 - 2017-09-13 16:50 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 18:27 - 2017-09-13 16:48 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-11 18:27 - 2017-09-13 16:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-11 18:27 - 2017-09-13 16:46 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-11 18:27 - 2017-09-13 16:46 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-11 18:27 - 2017-09-13 16:46 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-11 18:27 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-11 18:27 - 2017-09-13 16:46 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-11 18:27 - 2017-09-13 16:46 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-11 18:27 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-11 18:27 - 2017-09-08 17:14 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-11 18:27 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-11 18:27 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-11 18:27 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-11 18:27 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-11 18:27 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-11 18:27 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 18:27 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-11 18:27 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-11 18:27 - 2017-09-08 16:50 - 002402304 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-11 18:27 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-10-11 18:27 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-10-11 18:27 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-10-11 18:27 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-11 18:27 - 2017-09-07 21:26 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 18:27 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-11 18:27 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-11 18:27 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-11 18:27 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-11 18:27 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-11 18:27 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-11 18:27 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-11 18:27 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-11 18:27 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-11 18:27 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-11 18:27 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-11 18:27 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-11 18:27 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-11 18:27 - 2017-09-07 20:58 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-11 18:27 - 2017-09-07 20:52 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 18:27 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-11 18:27 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-11 18:27 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 18:27 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-11 18:27 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-11 18:27 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-11 18:27 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-11 18:27 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-11 18:27 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-11 18:27 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-11 18:27 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-11 18:27 - 2017-09-07 20:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-11 18:27 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-11 18:27 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-11 18:27 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-11 18:27 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-11 18:27 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-11 18:27 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-11 18:27 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-11 18:27 - 2017-09-07 16:48 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-11 18:27 - 2017-09-07 16:48 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-11 18:27 - 2017-09-07 16:48 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-11 18:27 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-11 18:27 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-11 18:27 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-11 18:27 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-11 18:27 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-11 18:27 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-11 18:27 - 2017-08-14 19:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-11 18:27 - 2017-08-13 23:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-11 13:10 - 2017-10-11 13:10 - 000002077 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-10-11 13:10 - 2017-10-11 13:10 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\AVAST Software
2017-10-11 13:10 - 2017-10-11 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-10-11 13:10 - 2017-10-11 13:09 - 000921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2017-10-11 13:10 - 2017-10-11 13:09 - 000777952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000499560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000304816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-10-11 13:10 - 2017-10-11 13:09 - 000297840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000276736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000255624 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000157416 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000149824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000124952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000099560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000070864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000050384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-10-11 13:10 - 2017-10-11 13:09 - 000042856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-10-11 13:05 - 2017-10-11 14:07 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-11 13:05 - 2017-10-11 13:05 - 000000000 ____D C:\Program Files\AVAST Software
2017-10-11 11:36 - 2017-10-11 18:39 - 000024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-10-11 10:01 - 2017-10-11 10:02 - 000000000 ____D C:\ProgramData\RogueKiller
2017-10-10 18:33 - 2017-10-13 17:02 - 000000000 ____D C:\Users\Ondra\Desktop\OMSI
2017-10-10 18:02 - 2017-10-10 18:02 - 000000000 ____D C:\ProgramData\Sophos
2017-10-10 18:02 - 2017-10-10 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-10-10 18:02 - 2017-10-10 18:02 - 000000000 ____D C:\Program Files\Sophos
2017-10-10 17:18 - 2017-10-10 17:18 - 000000000 ____D C:\Users\Ondra\AppData\LocalLow\U-Play online
2017-10-10 16:35 - 2017-10-10 16:35 - 000001457 _____ C:\Users\Ondra\Desktop\YoutubersLife.lnk
2017-10-10 16:35 - 2017-10-10 16:35 - 000000000 ____D C:\Users\Ondra\Documents\U-Play online
2017-10-10 16:29 - 2017-10-10 16:35 - 000000000 ____D C:\Program Files\YoutubersLife.v1.0.4
2017-10-10 13:42 - 2017-10-13 19:42 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-10-10 13:41 - 2017-10-10 13:41 - 000002022 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-10 13:41 - 2017-10-10 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-10 13:41 - 2017-10-10 13:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-10 13:41 - 2017-10-04 13:15 - 000059904 _____ C:\Windows\system32\Drivers\mbae.sys
2017-10-10 13:25 - 2017-10-13 14:31 - 000000000 ____D C:\Users\Ondra\Desktop\Vyčištění PC
2017-10-09 16:26 - 2017-10-09 16:26 - 000007731 _____ C:\Users\Ondra\AppData\Local\recently-used.xbel
2017-10-09 15:44 - 2017-10-09 15:44 - 000000923 _____ C:\Users\Public\Desktop\Barvy.lnk
2017-10-09 15:44 - 2017-10-09 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barvy
2017-10-09 15:44 - 2017-10-09 15:44 - 000000000 ____D C:\Program Files\Barvy
2017-10-08 13:51 - 2017-10-08 13:51 - 000000000 ____D C:\Users\Ondra\Documents\MEGAsync
2017-10-08 13:51 - 2017-10-08 13:51 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-10-07 15:58 - 2017-10-07 15:58 - 000000000 ____D C:\HP_TOOLS_mountHPSF
2017-09-30 17:53 - 2017-09-30 17:53 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-17 11:20 - 2017-09-17 11:20 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-17 11:01 - 2017-09-27 17:07 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-17 11:01 - 2017-09-27 17:07 - 000002131 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-13 14:31 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 14:31 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 14:31 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 14:31 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 14:31 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 14:31 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 14:31 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 14:31 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 14:31 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 08:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-13 14:31 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 14:31 - 2017-08-11 08:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 14:31 - 2017-08-11 08:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 14:31 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 14:31 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 14:31 - 2017-08-11 07:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 14:31 - 2017-08-11 07:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 14:31 - 2017-08-11 07:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 14:31 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 14:31 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 14:31 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-13 20:09 - 2015-11-07 01:26 - 000668542 _____ C:\Windows\system32\perfh005.dat
2017-10-13 20:09 - 2015-11-07 01:26 - 000141202 _____ C:\Windows\system32\perfc005.dat
2017-10-13 20:09 - 2010-11-20 23:01 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-13 20:09 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-10-13 20:02 - 2009-07-14 06:34 - 000016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-13 20:02 - 2009-07-14 06:34 - 000016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-13 19:42 - 2015-11-07 01:59 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-10-13 19:42 - 2015-11-07 01:59 - 000000000 ____D C:\ProgramData\PDFC
2017-10-13 19:42 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-13 15:44 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2017-10-13 14:16 - 2017-08-04 12:03 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\uTorrent
2017-10-13 14:16 - 2017-04-13 09:52 - 000000000 ____D C:\Users\Ondra\AppData\Local\CrashDumps
2017-10-13 14:16 - 2011-02-10 23:16 - 000000000 ____D C:\Windows\Panther
2017-10-12 15:39 - 2017-08-10 09:37 - 000000000 ____D C:\Users\Ondra\Desktop\Plocha
2017-10-12 13:33 - 2009-07-14 04:04 - 000000215 _____ C:\Windows\system.ini
2017-10-12 13:27 - 2017-04-30 11:50 - 000000000 ___RD C:\Program Files\Skype
2017-10-12 13:12 - 2009-07-14 06:33 - 000458488 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-11 19:19 - 2017-03-03 17:35 - 000000000 ____D C:\Users\Ondra
2017-10-11 19:19 - 2009-07-14 04:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-10-11 13:05 - 2017-04-29 09:44 - 000001912 _____ C:\Windows\epplauncher.mif
2017-10-09 16:26 - 2017-03-18 16:11 - 000000000 ____D C:\Users\Ondra\.gimp-2.8
2017-10-09 16:17 - 2017-03-18 16:16 - 000000000 ____D C:\Users\Ondra\AppData\Local\gtk-2.0
2017-10-09 15:35 - 2017-04-29 11:28 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Apple Computer
2017-10-08 13:51 - 2017-05-22 16:03 - 000000000 ____D C:\Users\Ondra\AppData\Local\MEGAsync
2017-10-08 13:48 - 2017-05-22 16:05 - 000000000 ___RD C:\Users\Ondra\Documents\MEGA
2017-10-07 16:04 - 2017-03-03 17:50 - 000000000 ____D C:\Windows10Upgrade
2017-10-07 15:58 - 2017-04-29 11:28 - 000000000 ____D C:\Users\Ondra\AppData\Local\Apple Computer
2017-10-07 15:57 - 2017-08-29 12:05 - 000000000 ____D C:\Windows\UXBackup
2017-10-07 11:46 - 2017-08-29 12:01 - 000000000 ____D C:\Program Files\UX Pack
2017-10-07 11:46 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\Cursors
2017-10-07 11:45 - 2009-07-14 04:37 - 000000000 __RSD C:\Windows\Media
2017-10-01 10:00 - 2017-04-13 15:41 - 000047104 ___SH C:\Users\Ondra\Documents\Thumbs.db
2017-09-30 17:54 - 2017-03-05 14:58 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-30 17:53 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-30 17:48 - 2017-03-05 14:48 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-25 15:54 - 2017-08-22 11:42 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2017-09-23 16:52 - 2017-08-04 15:39 - 000000000 ____D C:\Counter-Strike 1.6
2017-09-23 12:48 - 2017-03-05 14:33 - 000125952 _____ C:\Users\Ondra\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-17 11:01 - 2017-03-05 14:35 - 000000000 ____D C:\Program Files\Google
2017-09-17 10:59 - 2017-04-26 20:17 - 000000000 ____D C:\Users\Ondra\AppData\Local\Deployment

==================== Files in the root of some directories =======

2017-10-09 16:26 - 2017-10-09 16:26 - 000007731 _____ () C:\Users\Ondra\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-10 09:29

==================== End of FRST.txt ============================

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 20:12

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-10-2017
Ran by Ondra (13-10-2017 20:10:23)
Running from C:\Users\Ondra\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2017-03-03 15:35:57)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-337637791-2363233718-2110463198-500 - Administrator - Disabled)
Guest (S-1-5-21-337637791-2363233718-2110463198-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-337637791-2363233718-2110463198-1003 - Limited - Enabled)
Ondra (S-1-5-21-337637791-2363233718-2110463198-1001 - Administrator - Enabled) => C:\Users\Ondra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM\...\{8DB09D25-8E79-4F23-854D-02B95062A5B2}) (Version: 11.2.202.222 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 (HKLM\...\{213D5223-CD40-4B7B-B292-6D5242AE5039}) (Version: 5.6.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{2A2C8640-5402-428A-909A-0236CB2B77C7}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Bandicam (HKLM\...\Bandicam) (Version: 3.3.3.1209 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandicam.com)
Barvy 4.1 (HKLM\...\Barvy_is1) (Version: - Vlastimil Burian)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Camtasia Studio 8 (HKLM\...\{80AE23DF-71A4-4E3F-B931-F93AB5DF0BDD}) (Version: 8.4.2.1768 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Contents (HKLM\...\{C7251103-EA39-4BCD-B5A0-819651AA35ED}) (Version: 20.0.0.137 - Corel Corporation) Hidden
Convert MOV to AVI 1.0 (HKLM\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
Corel Update Manager (HKLM\...\{C74D7586-ADF5-452B-8C76-464C66B8B095}) (Version: 2.4.244 - Corel corporation) Hidden
Corel VideoStudio Ultimate X10 (HKLM\...\_{F66B7119-9BE1-4982-A96D-4DB070A70B81}) (Version: X10.0.0.137 - Corel Corporation)
Counter-Strike 1.6 v42 (HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.0.0.4 - Hewlett-Packard Company)
DirectX for Managed Code Update (Summer 2004) (HKLM\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.28.30376 - Hewlett-Packard Company)
FFB Racing Wheel drivers (HKLM\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 4.TTRS.2016 - Thrustmaster)
File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.4 - Hewlett-Packard Company)
FL Studio 12 (HKLM\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line)
Free Download Manager 3.9.7 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - )
Hewlett-Packard ACLM.NET v1.1.2.0 (HKLM\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Desktop Keyboard (HKLM\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Odometer (HKLM\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.0.1187 - Hewlett-Packard Company)
HP Setup (HKLM\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Information (HKLM\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
ICA (HKLM\...\{F66B7119-9BE1-4982-A96D-4DB070A70B81}) (Version: 20.0.0.137 - Corel Corporation) Hidden
iCloud (HKLM\...\{AFA154E8-2D57-4789-AB2D-9761E6AC5988}) (Version: 6.2.3.17 - Apple Inc.)
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
IPM_VS_Pro (HKLM\...\{7735CE89-92C9-4809-B06B-81D3E093E07D}) (Version: 20.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{BE5DD9B6-9DF7-4163-A39E-E2141C7A7488}) (Version: 12.6.2.20 - Apple Inc.)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8431.2079 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.2 (HKLM\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
Norton Internet Security (HKLM\...\{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}) (Version: 19.0.0.128 - Symantec Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
opensource (HKLM\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM\...\PDF Complete) (Version: 4.2.11 - PDF Complete, Inc)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.) Hidden
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.5119 - CyberLink Corp.) Hidden
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software)
Setup (HKLM\...\{DDD6A42C-474B-430A-9B19-7B66403AEE48}) (Version: 20.0.0.137 - Corel Corporation) Hidden
Share (HKLM\...\{0A0F09C2-4A6A-4524-BE2D-F0A355AACB45}) (Version: 20.0.0.137 - Corel Corporation) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Spotify (HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VSClassic (HKLM\...\{AAAD0468-D205-4658-9A25-AA19C9DB1E31}) (Version: 20.0.0.137 - Corel Corporation) Hidden
VSUltimate (HKLM\...\{339A24A4-4B91-4D75-BEE8-1381F3BEFB19}) (Version: 20.0.0.137 - Corel Corporation) Hidden
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}) (Version: 16.0.9715 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-337637791-2363233718-2110463198-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Ondra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll ()
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2012-02-17] (WinZip Computing, S.L.)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2012-02-17] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-04-03] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2012-02-17] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0366BFBE-AC5B-4739-A7B7-E4C783DA72E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-23] (Hewlett-Packard Company)
Task: {0BEBB1C8-74AE-43FA-8E85-CC82B48992B2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-09-28] (Microsoft Corporation)
Task: {1853A0B5-6421-4449-B60A-EBDA454BFEF5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {2C146379-6234-400E-9686-EF1C43B393F7} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {40A137DF-14B8-452E-BCB6-DA1BE175D648} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {4582AD1C-4F97-496B-B4CA-20FCA1B7E417} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-30] (Microsoft Corporation)
Task: {51FC66CF-D698-403C-9836-B059DA792669} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-11] (AVAST Software)
Task: {620D639B-344A-4D8F-BBD7-1418B91E1DB1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-07] (Adobe Systems Incorporated)
Task: {63E040FE-3A18-49BF-9582-4F7726E11B8A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-08-06] (Symantec Corporation)
Task: {65591027-B06A-44F4-AFE4-E7042FCE008A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {6DE8622C-ADBF-4838-A734-0B238D33F131} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-30] ()
Task: {6ECB9E9C-65C8-4BC2-A038-B250FF7A3548} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-10] (Hewlett-Packard Company)
Task: {74D52DCD-1182-4336-B0D1-347321551845} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {963BF8BF-8980-4AD4-BFD4-DD4AC0CCE872} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {97A3E7D6-75F0-4369-9EFD-8C4CCDFE9891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {AE6DB884-27A1-454F-9199-4595C335D33A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {CF8E080E-BC09-4A70-AFB5-1D4D4E399C43} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-30] ()
Task: {E2928D7F-BF29-4C50-A30E-2EB02DFF9911} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {FA033FD6-D081-4916-991B-2B76E0D12529} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-30] (Microsoft Corporation)
Task: {FC6DA0DB-6B08-42A9-AF66-EDB399D65084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ondra\Desktop\Plocha\THINGS\Тихая установка (ENG) – zástupce.lnk -> C:\Users\Ondra\Desktop\Тихая установка (ENG).cmd (No File) <==== Cyrillic

ShortcutWithArgument: C:\Users\Ondra\Desktop\Plocha\All\VideoStudio X10 Training.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudioX10

==================== Loaded Modules (Whitelisted) ==============

2012-03-22 02:01 - 2012-03-22 02:01 - 002367488 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-10-13 18:24 - 2017-10-13 18:24 - 005880504 _____ () C:\Program Files\AVAST Software\Avast\defs\17101306\algo.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-06-07 22:07 - 2017-06-07 22:07 - 000569856 _____ () C:\Users\Ondra\AppData\Local\MEGAsync\ShellExtX32.dll
2017-03-05 15:21 - 2017-03-05 15:21 - 000679624 _____ () C:\Users\Ondra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 16:09 - 2017-03-16 16:09 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-03-22 01:36 - 2012-03-22 01:36 - 001327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2012-03-22 02:00 - 2012-03-22 02:00 - 002846720 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2012-03-22 01:34 - 2012-03-22 01:34 - 000126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2012-03-22 01:59 - 2012-03-22 01:59 - 003002368 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2012-03-22 02:04 - 2012-03-22 02:04 - 002850816 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2012-03-22 02:02 - 2012-03-22 02:02 - 000053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2012-03-22 01:38 - 2012-03-22 01:38 - 002043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2012-03-22 01:39 - 2012-03-22 01:39 - 001949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2017-10-10 13:41 - 2017-10-04 13:15 - 001924552 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-04-03 11:35 - 2012-04-03 11:35 - 000094208 _____ () C:\Windows\System32\IccLibDll.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-11 13:09 - 2017-10-11 13:09 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2015-11-07 01:57 - 2009-07-03 00:58 - 000406016 _____ () C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
2017-10-11 13:09 - 2017-10-11 13:09 - 000142792 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-337637791-2363233718-2110463198-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-337637791-2363233718-2110463198-1001\...\sharepoint.com -> hxxps://zsostasovcz-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2017-10-12 13:33 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-337637791-2363233718-2110463198-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138 - 192.168.0.15
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ondra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ondra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Poslat do aplikace OneNote.lnk => C:\Windows\pss\Poslat do aplikace OneNote.lnk.Startup
MSCONFIG\startupreg: iCloudServices => "C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: RocketDock => "C:\Program Files\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Ondra\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Ondra\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{94301F77-9491-40B6-9495-0A35F32C9108}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B3AC6DE5-E045-4E86-A9C4-60E0B36EEB71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3BB80F10-CE99-4202-BAEA-71D3CC7C9732}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{335B7EF0-F5E5-48F3-9E70-E6EEA4A9328E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{165E7094-EA79-4600-9DD4-30E7D29782EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{13C7F309-24BC-412A-A438-03F67A02C39F}C:\counter-strike 1.6\csko.exe] => (Allow) C:\counter-strike 1.6\csko.exe
FirewallRules: [UDP Query User{D5673167-E6CF-447C-9259-70582867B0A7}C:\counter-strike 1.6\csko.exe] => (Allow) C:\counter-strike 1.6\csko.exe
FirewallRules: [TCP Query User{5DE0594E-9067-48A4-B471-EB62ED7471E0}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C3E8C5F5-EB47-4309-8EE8-32A3667E9F4C}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1E2B1FC7-7B2A-4059-9544-CDF1F0036ABC}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D4C94513-46D9-4889-8322-300523017098}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8146ACD4-867E-4FB7-90D0-D88C6A02D08C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C9A013C3-5A4C-478E-93AF-F604BB826D91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2979D179-D0F1-45F3-A232-3969311F1B4A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{9CC047FC-8495-405E-A55E-5D8391AD91AD}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{1DE48AC1-5134-488B-A887-380E7F93033E}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{76221A30-156A-4F03-BE11-B961EFF5F553}] => (Allow) LPort=8317
FirewallRules: [{C439B4D7-3C94-4E80-AAB0-5A7E80633C4B}] => (Allow) C:\Users\Ondra\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0373ADF-580D-4C2B-B0D4-05CA246120D1}] => (Allow) C:\Users\Ondra\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A3F10CC1-D756-4672-A3FC-364EC13640F1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{91CBA51C-1E5C-4723-856A-1290124AD8F4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A89883D9-3F11-4A79-93FA-B5636B965742}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

13-10-2017 14:26:36 End of disinfection

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2017 02:26:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {7e9b0288-ef5b-4109-b8a8-e5dd5ea0b302}

Error: (10/13/2017 02:23:28 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2017 02:23:28 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2017 02:23:28 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2017 02:23:28 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (10/13/2017 02:23:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2017 02:23:26 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/13/2017 02:23:26 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2017 02:23:26 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2017 02:23:26 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))

System errors:
=============
Error: (10/13/2017 02:23:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/13/2017 02:23:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (10/13/2017 02:15:31 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/13/2017 02:15:31 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/13/2017 02:06:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/13/2017 02:06:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/13/2017 02:04:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/13/2017 02:04:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/12/2017 09:01:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error: (10/12/2017 09:01:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 42%
Total physical RAM: 2984.82 MB
Available physical RAM: 1726.76 MB
Total Virtual: 5967.96 MB
Available Virtual: 4717.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:459.44 GB) (Free:214.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:6.13 GB) (Free:0.81 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 465.8 GB) (Disk ID: 99AAAE4D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=459.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=6.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=101 MB) - (Type=27)

==================== End of Addition.txt ============================

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 20:17

Mělo by tedy být vše v pohodě a kartou na netu platit můžu a podobné nebezpečné věci, jako ověřování, internetové bankovnictví?
Jinak co můj antivir? Je AVAST v pohodě? Nebo mi doporučíš nějaký lepší free antivir?
Děkuji moc za pomoc a za odpovědi na pár otázek, nechci kvůli nim zakládat nové téma :)

Příspěvekod **jaro3** » 13 říj 2017 21:11

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
CHR HKLM\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Task: {65591027-B06A-44F4-AFE4-E7042FCE008A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {97A3E7D6-75F0-4369-9EFD-8C4CCDFE9891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Shortcut: C:\Users\Ondra\Desktop\Plocha\THINGS\Тихая установка (ENG) – zástupce.lnk -> C:\Users\Ondra\Desktop\Тихая установка (ENG).cmd (No File) <==== Cyrillic
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Po scriptu by to mělo být vše v pořádku , Avast v pohodě.

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 22:08

Fix result of Farbar Recovery Scan Tool (x86) Version: 11-10-2017
Ran by Ondra (13-10-2017 22:04:01) Run:1
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-337637791-2363233718-2110463198-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
CHR HKLM\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Task: {65591027-B06A-44F4-AFE4-E7042FCE008A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {97A3E7D6-75F0-4369-9EFD-8C4CCDFE9891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Shortcut: C:\Users\Ondra\Desktop\Plocha\THINGS\????? ????????? (ENG) � z�stupce.lnk -> C:\Users\Ondra\Desktop\????? ????????? (ENG).cmd (No File) <==== Cyrillic
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully.
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj => key removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65591027-B06A-44F4-AFE4-E7042FCE008A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65591027-B06A-44F4-AFE4-E7042FCE008A} => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{97A3E7D6-75F0-4369-9EFD-8C4CCDFE9891} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97A3E7D6-75F0-4369-9EFD-8C4CCDFE9891} => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
"C:\Users\Ondra\Desktop\Plocha\THINGS\????? ????????? (ENG) – zástupce.lnk" => Could not move.
HKU\S-1-5-21-337637791-2363233718-2110463198-1001\Software\Classes\regfile => key removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4289630 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2657864 B
Edge => 0 B
Chrome => 410867653 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
LocalService => 0 B
NetworkService => 0 B
Ondra => 18950809 B

RecycleBin => 0 B
EmptyTemp: => 428.6 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:04:12 ====

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 22:09

Už by to mělo být v pohodě?

Příspěvekod **jaro3** » 13 říj 2017 22:52

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Je..

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

vanaondrej10 · Příspěvekod **vanaondrej10** » 13 říj 2017 23:03

# DelFix v1.013 - Logfile created 13/10/2017 at 23:02:15
# Updated 17/04/2016 by Xplode
# Username : Ondra - ONDRA-10
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\Ondra\Desktop\Addition.txt
Deleted : C:\Users\Ondra\Desktop\Fixlog.txt
Deleted : C:\Users\Ondra\Desktop\FRST.exe
Deleted : C:\Users\Ondra\Desktop\FRST.txt

~ Cleaning system restore ...

Deleted : RP #105 [End of disinfection | 10/13/2017 12:26:36]

New restore point created !

########## - EOF - ##########

Prosím o kontrolu logu Vyřešeno

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online