Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Level 3
Posts: 484
Registered: July 13
Gender: Male

Re: Please check my log

Post by OTAS » 01 Feb 2020 11:59

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by Otto (administrator) on OTTO-PC (01-02-2020 11:50:55)
Running from C:\Users\Otto\Downloads
Loaded Profiles: Otto (Available Profiles: Otto & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
(Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\zplayer.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043A0EE9-CA26-4648-9F8E-1437A239C896} - System32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA} => C:\Windows\system32\pcalua.exe -a "C:\Users\Otto\Downloads\zoek (3).exe" -d C:\Users\Otto\Downloads
Task: {0C6FB184-16B6-4016-B929-E5D17924CF26} - System32\Tasks\{B3C392F5-C8C3-4C3C-8804-C840AFCE3810} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
Task: {11D0BBE2-0359-41D6-89B5-C636A95C2017} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-12-12] (Garmin International, Inc. -> )
Task: {1D9DAE34-D095-4599-9739-02B97D18F7AD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-23] (Adobe Inc. -> Adobe)
Task: {284D8FF2-F281-4A92-970F-87BA553794A0} - System32\Tasks\{F17D40F3-F484-4A50-8394-0EF545CAF746} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {31B09697-86A1-4C6B-81E8-1C1C75245794} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {4C6B03B5-6046-4DF9-A335-F862637171B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {5B5156C3-7F2F-4F16-9397-7D21D6850DB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {5EC3EE66-2D9F-4F58-AB98-E49621327715} - System32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5} => C:\Windows\system32\pcalua.exe -a "C:\Users\Otto\Downloads\zoek (3).exe" -d C:\Users\Otto\Downloads
Task: {639B12E9-0FA0-4798-BFF6-7F119315E56D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-23] (Adobe Inc. -> Adobe)
Task: {732DC332-C408-4542-B672-D0DA00E83CBA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C1BC15C-96E6-4F3E-AB3E-1777C257F488} - System32\Tasks\{D43AA914-4C04-4A51-BCEB-9D2B1A3A847D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\DVDFab\uninstall.exe" -d "C:\Program Files (x86)\DVDFab"
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
Task: {E6F7B6DA-B83E-4930-92DA-ACCDB9CDFD36} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {FA09114F-0BA3-4079-8C96-FBDB1A35B34C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-23] (Adobe Inc. -> Adobe)
Task: {FF34A019-D465-4BD1-894E-47FF6CC97F5B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{01C3FF8A-351D-4688-A431-728EF9387B19}: [DhcpNameServer]
Tcpip\..\Interfaces\{D071B99D-D6EA-4E49-B790-473DC6A753C2}: [NameServer],

Internet Explorer:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)

FF DefaultProfile: henbtv06.default-1537355602383
FF ProfilePath: C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 [2020-02-01]
FF Homepage: Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 -> hxxps://
FF Extension: (Google Translator for Firefox) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\translator@zoli.bod.xpi [2018-12-08]
FF Extension: (Video DownloadHelper) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-12-22]
FF Extension: (No Name) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-12-22]
FF HKLM\...\Firefox\Extensions: [] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Ochrana Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-12-20]
FF HKLM-x32\...\Firefox\Extensions: [] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin:,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: -> disabled [No File]
FF Plugin-x32: -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin-x32: -> disabled [No File]
FF Plugin-x32: Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2020-01-11] (Google LLC -> Google LLC)
FF Plugin-x32: Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2020-01-11] (Google LLC -> Google LLC)
FF Plugin-x32:,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

CHR Profile: C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default [2020-02-01]
CHR Notifications: Default -> hxxps://
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxp://"
CHR Extension: (Překladač Google) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-01-28]
CHR Extension: (Prezentace) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-28]
CHR Extension: (Dokumenty) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-28]
CHR Extension: (Disk Google) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-28]
CHR Extension: (YouTube) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-28]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2020-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-01-28]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-02-01]
CHR Extension: (Tabulky) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-28]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-01-28]
CHR Extension: (Gmail) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-28]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps:// ... pfhbdgnpbk
CHR HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps:// ... pfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] (Huawei Software Technologies Co., LTD. -> )
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339808 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145304 2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251512 2019-10-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998016 2019-10-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1049432 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [202592 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [581464 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [301408 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
U3 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-01 11:50 - 2020-02-01 11:51 - 000020111 _____ C:\Users\Otto\Downloads\FRST.txt
2020-02-01 11:48 - 2020-02-01 11:51 - 000000000 ____D C:\FRST
2020-02-01 11:48 - 2020-02-01 11:48 - 002581504 _____ (Farbar) C:\Users\Otto\Desktop\FRST64.exe
2020-01-30 12:37 - 2020-01-30 12:37 - 000019302 _____ C:\Users\Otto\Downloads\Mystic Prophecy - Metal Division 2CD -
2020-01-30 12:37 - 2020-01-30 12:37 - 000000000 ____D C:\Users\Otto\Downloads\Mystic Prophecy - Metal Division (2CD) (2020)
2020-01-30 12:05 - 2020-01-30 12:05 - 000039978 _____ C:\Users\Otto\Documents\cc_20200130_120519.reg
2020-01-30 12:05 - 2020-01-30 12:05 - 000002276 _____ C:\Users\Otto\Documents\cc_20200130_120531.reg
2020-01-30 10:50 - 2020-01-30 10:50 - 000000000 ____D C:\Users\Otto\Downloads\backups
2020-01-30 08:02 - 2020-01-30 08:02 - 000119808 _____ C:\Users\Otto\Documents\Cestovní náhrady Leden 2020.xls
2020-01-29 15:15 - 2020-01-30 11:56 - 000000000 ____D C:\Users\Otto\AppData\Local\AMSDK
2020-01-29 15:14 - 2020-01-29 15:14 - 012741568 _____ (Zemana Ltd. ) C:\Users\Otto\Downloads\AntiMalware_Setup.exe
2020-01-28 21:41 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA}
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5}
2020-01-28 21:02 - 2020-01-30 12:03 - 000000000 ____D C:\Users\Otto\AppData\Local\CrashDumps
2020-01-28 20:55 - 2020-01-28 20:55 - 000001724 _____ C:\Users\Otto\Documents\mmmmm.txt
2020-01-24 13:00 - 2020-01-28 17:59 - 000000000 ____D C:\Users\Otto\AppData\Local\Adobe
2020-01-24 12:45 - 2020-01-24 12:45 - 000000000 ____D C:\Users\Otto\AppData\Local\mbamtray
2020-01-24 12:42 - 2020-01-24 12:42 - 001924728 _____ (Malwarebytes) C:\Users\Otto\Downloads\MBSetup.exe
2020-01-17 16:21 - 2020-01-17 16:22 - 000000000 ____D C:\ProgramData\Ashampoo
2020-01-17 16:21 - 2020-01-17 16:21 - 000001303 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 21.lnk
2020-01-17 16:21 - 2020-01-17 16:21 - 000001303 _____ C:\ProgramData\Desktop\Ashampoo Burning Studio 21.lnk
2020-01-17 16:21 - 2020-01-17 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-01-17 16:19 - 2020-01-17 16:19 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2020-01-17 16:16 - 2020-01-17 16:18 - 226005215 _____ C:\Users\Otto\Downloads\Ashampoo Burning Studio
2020-01-16 12:05 - 2020-01-16 12:06 - 016693784 _____ C:\Users\Otto\Downloads\Revo Uninstaller Pro 4.2.3.rar
2020-01-14 16:00 - 2020-01-14 16:45 - 000000000 ____D C:\Users\Otto\Desktop\foto mé
2020-01-12 17:09 - 2020-01-14 16:47 - 000000000 ____D C:\Users\Otto\Desktop\FOTKY Míša
2020-01-12 16:52 - 2020-01-12 17:06 - 000013304 _____ C:\Users\Otto\Desktop\INVENTURA 2019.xlsx
2020-01-12 16:04 - 2020-01-12 16:04 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2020-01-12 16:04 - 2020-01-12 16:04 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2020-01-12 15:59 - 2020-01-12 16:02 - 000000000 ____D C:\Users\Otto\Desktop\Andrea
2020-01-11 15:23 - 2020-01-14 16:45 - 000000000 ____D C:\Users\Otto\Desktop\Nová složka (2)
2020-01-11 14:02 - 2020-01-11 14:03 - 005901814 _____ C:\Users\Otto\Downloads\D_TEST_2019_02.pdf
2020-01-11 14:02 - 2020-01-11 14:02 - 004977698 _____ C:\Users\Otto\Downloads\D_TEST_2019_01.pdf
2020-01-11 13:47 - 2020-01-11 13:47 - 000000000 ____D C:\Users\Otto\Downloads\dTest 2019 06
2020-01-11 13:30 - 2020-01-11 13:31 - 000000000 ____D C:\Users\Otto\Downloads\dTest 2019 12
2020-01-10 10:02 - 2020-01-10 10:02 - 000001890 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2020-01-10 10:02 - 2020-01-10 10:02 - 000001890 _____ C:\ProgramData\Desktop\Garmin Express.lnk
2020-01-10 09:49 - 2020-01-10 09:49 - 000579688 _____ C:\Users\Otto\Downloads\Výpis z ú_tu stavebního spo_ení_0.pdf
2020-01-02 17:37 - 2020-01-02 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConvertXtoVideo Ultimate
2020-01-02 17:36 - 2020-01-02 17:36 - 050147492 _____ ( ) C:\Users\Otto\Downloads\VSO ConvertXtoVideo Ultimate
2020-01-02 17:07 - 2020-01-02 17:07 - 000000950 _____ C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-01-02 17:07 - 2020-01-02 17:07 - 000000000 ____D C:\Program Files\4KDownload

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-01 11:51 - 2019-04-01 10:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-02-01 11:45 - 2018-09-17 12:29 - 000000000 ____D C:\ProgramData\Zoom Player
2020-02-01 11:40 - 2009-07-14 05:45 - 000010288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-01 11:40 - 2009-07-14 05:45 - 000010288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-01 11:27 - 2019-11-02 18:13 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-shm
2020-02-01 11:27 - 2019-11-02 18:13 - 000032768 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-shm
2020-02-01 11:26 - 2019-11-02 18:13 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-shm
2020-02-01 11:25 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-30 12:38 - 2017-03-25 21:03 - 000000000 ____D C:\Users\Otto\AppData\Roaming\uTorrent
2020-01-30 12:06 - 2018-04-26 19:57 - 000000000 ____D C:\Program Files\WinRAR
2020-01-30 12:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-30 12:01 - 2017-03-24 18:33 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-30 11:56 - 2018-02-28 19:27 - 000067389 _____ C:\Windows\ZAM.krnl.trace
2020-01-30 11:13 - 2009-07-26 19:41 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-01-30 11:13 - 2009-07-26 19:41 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-01-30 11:13 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-30 08:04 - 2017-03-26 00:59 - 000023701 _____ C:\Windows\BRRBCOM.INI
2020-01-29 15:15 - 2018-01-02 18:53 - 000000000 ____D C:\Users\Otto\AppData\Local\Zemana
2020-01-28 19:38 - 2017-03-24 18:03 - 000000000 ____D C:\Users\Otto
2020-01-27 06:51 - 2018-10-31 15:29 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-24 12:26 - 2017-03-30 20:10 - 000000000 ____D C:\Users\Otto\AppData\Temp
2020-01-24 11:43 - 2017-03-25 21:51 - 000000000 ____D C:\Users\Otto\Documents\Programy
2020-01-24 09:51 - 2019-11-02 18:13 - 000379072 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-wal
2020-01-23 15:33 - 2018-03-19 22:28 - 000004482 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-23 15:33 - 2018-01-27 20:36 - 000004410 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-23 15:33 - 2017-10-30 22:33 - 000004494 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-23 15:33 - 2017-10-08 15:33 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-23 15:33 - 2017-04-07 20:55 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-23 15:33 - 2017-04-07 20:55 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-23 15:33 - 2017-04-07 20:55 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-01-23 11:02 - 2017-03-25 16:41 - 000000000 ____D C:\Users\Otto\AppData\LocalLow\Mozilla
2020-01-22 15:21 - 2019-08-19 09:51 - 000000000 ____D C:\Users\Otto\Desktop\Nová složka
2020-01-17 17:04 - 2019-10-14 17:54 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000002000 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001998 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001988 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-01-17 17:00 - 2017-05-02 15:39 - 000000000 ____D C:\Users\Otto\Documents\ConvertXtoVideo Ultimate
2020-01-17 16:38 - 2018-06-14 16:50 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 16:38 - 2018-06-14 16:50 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 16:38 - 2018-06-14 16:50 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-17 16:32 - 2017-03-24 18:46 - 000000000 ____D C:\Users\UpdatusUser
2020-01-17 16:24 - 2019-01-19 23:41 - 000000000 ____D C:\Users\Otto\AppData\Roaming\Ashampoo
2020-01-16 22:04 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-01-16 22:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-01-16 12:09 - 2017-03-26 01:23 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-01-16 12:06 - 2018-09-14 15:29 - 000001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-01-16 12:06 - 2018-09-14 15:29 - 000001077 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-01-16 12:06 - 2018-09-14 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-01-16 12:01 - 2019-04-01 10:34 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-01-14 16:21 - 2019-11-02 18:13 - 000020632 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-wal
2020-01-12 16:18 - 2018-06-14 16:50 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-12 16:18 - 2018-06-14 16:50 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-12 16:18 - 2017-03-27 19:34 - 000003556 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-01-12 15:55 - 2019-11-08 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-12 15:55 - 2017-03-25 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-11 14:57 - 2017-04-20 17:44 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-10 10:03 - 2017-03-27 19:35 - 000000000 ____D C:\Program Files (x86)\Garmin
2020-01-10 10:02 - 2017-03-27 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2020-01-10 10:02 - 2017-03-27 19:35 - 000000000 ____D C:\ProgramData\Garmin
2020-01-02 17:43 - 2017-04-14 16:05 - 000000000 ____D C:\Users\Otto\AppData\Roaming\Vso

==================== Files in the root of some directories ========

2017-06-10 16:17 - 2018-09-26 18:16 - 000099384 _____ () C:\Users\Otto\AppData\Roaming\inst.exe
2017-04-14 16:05 - 2018-09-26 18:16 - 000007859 _____ () C:\Users\Otto\AppData\Roaming\
2017-04-14 16:05 - 2018-09-26 18:16 - 000001167 _____ () C:\Users\Otto\AppData\Roaming\pcouffin.inf
2017-04-14 16:05 - 2018-09-26 18:16 - 000082816 _____ (VSO Software) C:\Users\Otto\AppData\Roaming\pcouffin.sys
2017-12-17 15:03 - 2017-12-17 15:03 - 000007667 _____ () C:\Users\Otto\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

Re: Please check my log

Post by OTAS » 01 Feb 2020 12:00

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by Otto (01-02-2020 11:52:04)
Running from C:\Users\Otto\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2017-03-24 17:03:07)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-2781758306-2679381193-3636559717-500 - Administrator - Disabled)
Guest (S-1-5-21-2781758306-2679381193-3636559717-501 - Limited - Disabled)
Otto (S-1-5-21-2781758306-2679381193-3636559717-1000 - Administrator - Enabled) => C:\Users\Otto
UpdatusUser (S-1-5-21-2781758306-2679381193-3636559717-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version: - )
4K Video Downloader 4.10 (HKLM\...\{29F889EE-CD6A-48B7-8197-9E37E54336C9}) (Version: - Open Media LLC)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: - Adobe)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
ANT Drivers Installer x64 (HKLM\...\{0919C970-C55E-4322-AD6E-D561EC8C01EC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{99B72734-4395-42D0-ADFD-A9722A7AD7B0}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apowersoft Video Konvertor V4.7.2 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.2 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 21 (HKLM-x32\...\{91B33C97-3390-FD9A-8E0F-3F6BA7865E46}_is1) (Version: 21.3.0 - Ashampoo GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{825F60D9-2633-4D52-B2B0-5DA143433BBC}) (Version: 3.48.8668.1933 - Google, Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
DeezLoader 3.0.1 (only current user) (HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\8675f592-6f7d-534e-a92f-1cdf755ecc58) (Version: 3.0.1 - ExtendLord)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Elevated Installer (HKLM-x32\...\{EDCD0A1B-09BE-493A-B871-13F86760A5D0}) (Version: - Garmin Ltd or its subsidiaries) Hidden
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 8.0.2 - Poikosoft)
FreeRapid Downloader (HKLM-x32\...\FreeRapid Downloader0.9u4) (Version: 0.9u4 - Vity)
Garmin Express (HKLM-x32\...\{0a5a7c12-97db-47da-874c-cfeeeac5676f}) (Version: - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{DD4EE84A-E101-4F03-A881-AF498F68811C}) (Version: - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{A336EAA0-135A-4338-B628-BA8DBB3BCA60}) (Version: - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{68ca17aa-815c-4a71-8894-39e537ecb526}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin POILoader (HKLM-x32\...\{9EC5D99E-F5E5-4B88-AAAC-EA810E52CD4A}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: - Kaspersky Lab)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
Ovládací panel NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
PhotoInstrument 7.3 (HKLM-x32\...\{5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1) (Version: - Fatykhov Timur)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
RogueKiller version (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: - Adlice Software)
VSO ConvertXtoVideo Ultimate 2 (HKLM-x32\...\{{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: - VSO Software)
VSO ConvertXtoVideo Ultimate (HKLM-x32\...\VSO ConvertXtoVideo Ultimate_is1) (Version: -
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 - Garmin)
WinRAR v.5.70 Final (HKLM-x32\...\WinRAR v.5.70 Final) (Version: v.5.70 Final - Libbi)
Zoner Photo Studio X CZ v.19.1809.2.93 (HKLM-x32\...\Zoner Photo Studio X CZ v.19.1809.2.93) (Version: v.19.1809.2.93 - Libbi)
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 14.5 - Inmatrix LTD)
Zoom Player Czech language (remove only) (HKLM-x32\...\ZoomPlayer_Czech) (Version: - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner Photo Studio X CZ\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers1_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers2_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers4_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-03-24 12:15 - 2010-03-24 12:15 - 000047104 _____ () [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_tak.dll
2011-02-11 11:26 - 2011-02-11 11:26 - 000237568 _____ () [File not signed] C:\Program Files (x86)\Bass Audio Decoder\OptimFROG.dll
2015-11-17 09:06 - 2015-11-17 09:06 - 000150528 _____ () [File not signed] C:\Program Files (x86)\Zoom Player\VideoGrabberDS_x86.dll
2017-11-04 15:16 - 2017-11-04 15:16 - 000173056 _____ () [File not signed] C:\Program Files (x86)\Zoom Player\zpaudiovis.dll
2006-11-19 12:06 - 2006-11-19 12:06 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Zoom Player\zpresampler.dll
2017-03-26 01:12 - 2005-04-22 05:36 - 000143360 ____R () [File not signed] C:\Windows\system32\BrSNMP64.dll
2017-12-17 19:16 - 2012-10-19 13:02 - 000087040 ____R (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2013-02-24 20:40 - 2013-02-24 20:40 - 000233984 _____ (hxxp:// [File not signed] C:\Program Files (x86)\Bass Audio Decoder\
2018-01-16 12:52 - 2018-01-16 12:52 - 000694272 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\DownloadPlugins\Torrents.dll
2019-01-03 13:54 - 2019-01-03 13:54 - 000502272 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\MediaNavPlugins\Playlist.dll
2019-01-08 12:14 - 2019-01-08 12:14 - 000598528 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\MediaNavPlugins\RSS_Feed.dll
2019-01-03 13:57 - 2019-01-03 13:57 - 000468480 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\MediaNavPlugins\Run_application.dll
2019-01-03 13:54 - 2019-01-03 13:54 - 000530944 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\MediaNavPlugins\YouTube_Channel.dll
2019-01-03 13:54 - 2019-01-03 13:54 - 000530944 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\MediaNavPlugins\YouTube_Search.dll
2019-01-03 13:54 - 2019-01-03 13:54 - 000685568 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\MediaNavPlugins\YouTube_Trending.dll
2018-12-16 13:07 - 2018-12-16 13:07 - 000559104 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\Scrapers\theaudiodb.dll
2019-01-13 12:43 - 2019-01-13 12:43 - 000619008 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\Scrapers\themoviedb.dll
2017-03-09 14:17 - 2017-03-09 14:17 - 001045504 _____ (Inmatrix LTD) [File not signed] C:\Program Files (x86)\Zoom Player\SubPlugins\
2012-10-16 14:17 - 2012-10-16 14:17 - 000149720 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_aac.dll
2013-01-31 17:02 - 2013-01-31 17:02 - 000009416 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_alac.dll
2011-08-03 16:48 - 2011-08-03 16:48 - 000033456 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_ape.dll
2012-05-09 13:26 - 2012-05-09 13:26 - 000021112 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_mpc.dll
2009-04-24 11:20 - 2009-04-24 11:20 - 000005960 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_ofr.dll
2008-02-27 21:49 - 2008-02-27 21:49 - 000008536 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass_tta.dll
2011-07-08 15:45 - 2011-07-08 15:45 - 000112640 _____ (Thomas Becker, Osnabrueck) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\tak_deco_lib.dll
2013-02-16 14:02 - 2013-02-16 14:02 - 000107584 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bass.dll
2011-05-12 14:16 - 2011-05-12 14:16 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\basscd.dll
2009-12-09 12:40 - 2009-12-09 12:40 - 000025152 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bassflac.dll
2012-08-23 14:43 - 2012-08-23 14:43 - 000054328 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\bassopus.dll
2012-12-05 18:27 - 2012-12-05 18:27 - 000025664 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Bass Audio Decoder\basswv.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [148]
AlternateDataStreams: C:\Users\Otto\Downloads\iKupon.pdf:BDU [1]
AlternateDataStreams: C:\Users\Otto\Downloads\Přehled stavu pojistné smlouvy (1).pdf:BDU [1]
AlternateDataStreams: C:\Users\Otto\Downloads\Přehled stavu pojistné smlouvy.pdf:BDU [1]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-01-28 21:24 - 2020-01-28 21:24 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Common Files\Acronis\VirtualFile;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files\RogueKiller;
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: GarminExpress => "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AEB25413-11C6-47F7-9D58-838C5731CDC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6B366BD7-1EDC-4330-9B79-59545B3E4F15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CEF0E7E-6D09-440C-BF97-702649B8BFAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5D17C64-42FC-4842-86EF-758295DD3CBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{940B0368-E343-417D-90A9-66F16E3669A0}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{13D2238A-F40C-412E-BBBD-74859E2D8017}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{72F976B0-20B4-40C2-8748-73129E25C2F7}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{34632808-E6E9-4539-A56A-34BA37EFE731}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{150E5750-8091-4099-90CF-B81B6B684F5D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{EF5C1776-B958-4424-B8D8-16855E36E570}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{331EA9A8-7C1B-448C-AA3C-BF082C9330C1}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DB2C4F1F-13F0-4123-9B63-091240DC6520}] => (Allow) C:\Users\Otto\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{EAD0E95B-0EBA-4956-B4A9-33F1331740D1}] => (Allow) C:\Users\Otto\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7B2C2B88-DF4D-4A23-B9EF-13C12D012687}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{89855CC8-1A4B-4A59-A56F-ADEF07005C8A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E5EA4515-6722-4B2A-BA58-58219A68FC16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-01-2020 10:53:19 End of disinfection
30-01-2020 11:54:46 Revo Uninstaller Pro's restore point - Malwarebytes version
30-01-2020 11:56:34 Revo Uninstaller Pro's restore point - Zemana AntiMalware verze 3.1.495

==================== Faulty Device Manager Devices ============

Name: AMSDK Driver
Description: AMSDK Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Service: amsdk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================

Application errors:
Error: (01/28/2020 09:02:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: malwarebytes_assistant.exe, verze:, časové razítko: 0x5df160e0
Název chybujícího modulu: malwarebytes_assistant.exe, verze:, časové razítko: 0x5df160e0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000006f96b
ID chybujícího procesu: 0x824
Čas spuštění chybující aplikace: 0x01d5d615c4b109b4
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
ID zprávy: 19cd9688-4209-11ea-aa8b-50465d8f71a5

Error: (01/27/2020 06:50:20 AM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (01/27/2020 06:50:17 AM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (01/27/2020 06:49:53 AM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (01/27/2020 06:48:37 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Shromažďování dat modulu pro zápis

ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {23ce782d-543b-4c62-b128-ab24d83adea2}

Error: (01/27/2020 04:48:01 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Otto-PC)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (01/27/2020 04:48:01 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Otto-PC)
Description: Systém Windows zálohoval profil tohoto uživatele. Systém se automaticky pokusí použít zazálohovaný profil při příštím přihlášení uživatele.

Error: (01/27/2020 04:48:00 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Otto-PC)
Description: Systém Windows nemůže načíst místně uložený profil. Možné příčiny této chyby zahrnují nedostatečná zabezpečovací práva nebo poškozený místní profil.

PODROBNOSTI – Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

System errors:
Error: (02/01/2020 11:26:35 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (01/29/2020 03:17:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/28/2020 10:00:04 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (01/28/2020 09:37:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Date: 2018-06-21 20:25:28.811
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 20:25:28.718
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 12:13:10.388
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 12:13:10.295
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.408
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.345
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.298
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.236
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0702 08/15/2012
Motherboard: ASUSTeK COMPUTER INC. P8H61-MX R2.0
Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 67%
Total physical RAM: 4047.84 MB
Available physical RAM: 1329.95 MB
Total Virtual: 8093.83 MB
Available Virtual: 5158.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:280.73 GB) NTFS

\\?\Volume{180fac7c-10b3-11e7-a0d5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4965A0C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Re: Please check my log

Post by OTAS » 01 Feb 2020 14:10

Here on Auto Kelly, when I click buy, it tells me in yellow "added to cart", but the cart does not appear on the page. The cart should be at the top right, after the Czech flag. And the Heureka page now works after running Farbar Recovery Scan Tool.

Security team member
Guru Level 15
Posts: 43072
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 01 Feb 2020 20:17

You need to uninstall everything from Avast; you have Kaspersky.

You have this there:
Overseer.exe is able to monitor applications and manipulate other programs. Therefore the technical security rating is 15% dangerous.

Uninstalling this variant: If you have problems with overseer.exe, you can also do the following:

visit the website [1] [2]
safely remove the program using the uninstaller from AVAST Software sro or AVG Netherlands BV (Control Panel ⇒ Uninstall a program)
Important: Some malware disguises itself as overseer.exe, especially when it is located in the C:\Windows or C:\Windows\System32 folder. You should therefore check the overseer.exe process on your computer to find out whether it is a threat. We recommend Task Manager for verifying the computer's security. It was one of the top download picks of the Washington Post and PC World.

Then run a new FRST scan with both logs.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log

Post by OTAS » 03 Feb 2020 12:22

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Otto (administrator) on OTTO-PC (03-02-2020 12:14:44)
Running from C:\Users\Otto\Desktop
Loaded Profiles: Otto (Available Profiles: Otto & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043A0EE9-CA26-4648-9F8E-1437A239C896} - System32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA} => C:\Windows\system32\pcalua.exe -a "C:\Users\Otto\Downloads\zoek (3).exe" -d C:\Users\Otto\Downloads
Task: {0C6FB184-16B6-4016-B929-E5D17924CF26} - System32\Tasks\{B3C392F5-C8C3-4C3C-8804-C840AFCE3810} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
Task: {11D0BBE2-0359-41D6-89B5-C636A95C2017} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-12-12] (Garmin International, Inc. -> )
Task: {1D9DAE34-D095-4599-9739-02B97D18F7AD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-23] (Adobe Inc. -> Adobe)
Task: {284D8FF2-F281-4A92-970F-87BA553794A0} - System32\Tasks\{F17D40F3-F484-4A50-8394-0EF545CAF746} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {31B09697-86A1-4C6B-81E8-1C1C75245794} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {4C6B03B5-6046-4DF9-A335-F862637171B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {5B5156C3-7F2F-4F16-9397-7D21D6850DB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {5EC3EE66-2D9F-4F58-AB98-E49621327715} - System32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5} => C:\Windows\system32\pcalua.exe -a "C:\Users\Otto\Downloads\zoek (3).exe" -d C:\Users\Otto\Downloads
Task: {639B12E9-0FA0-4798-BFF6-7F119315E56D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-23] (Adobe Inc. -> Adobe)
Task: {732DC332-C408-4542-B672-D0DA00E83CBA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C1BC15C-96E6-4F3E-AB3E-1777C257F488} - System32\Tasks\{D43AA914-4C04-4A51-BCEB-9D2B1A3A847D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\DVDFab\uninstall.exe" -d "C:\Program Files (x86)\DVDFab"
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
Task: {E6F7B6DA-B83E-4930-92DA-ACCDB9CDFD36} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {FA09114F-0BA3-4079-8C96-FBDB1A35B34C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-23] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{01C3FF8A-351D-4688-A431-728EF9387B19}: [DhcpNameServer]
Tcpip\..\Interfaces\{D071B99D-D6EA-4E49-B790-473DC6A753C2}: [NameServer],

Internet Explorer:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)

FF DefaultProfile: henbtv06.default-1537355602383
FF ProfilePath: C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 [2020-02-03]
FF Homepage: Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\henbtv06.default-1537355602383 -> hxxps://
FF Extension: (Google Translator for Firefox) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\translator@zoli.bod.xpi [2018-12-08]
FF Extension: (Video DownloadHelper) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-12-22]
FF Extension: (No Name) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-12-22]
FF HKLM\...\Firefox\Extensions: [] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Ochrana Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-12-20]
FF HKLM-x32\...\Firefox\Extensions: [] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin:,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: -> disabled [No File]
FF Plugin-x32: -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin-x32: -> disabled [No File]
FF Plugin-x32: Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2020-01-11] (Google LLC -> Google LLC)
FF Plugin-x32: Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2020-01-11] (Google LLC -> Google LLC)
FF Plugin-x32:,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

CHR Profile: C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default [2020-02-03]
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxp://"
CHR Extension: (Překladač Google) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-01-28]
CHR Extension: (Prezentace) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-28]
CHR Extension: (Dokumenty) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-28]
CHR Extension: (Disk Google) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-28]
CHR Extension: (YouTube) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-28]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2020-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-01-28]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-02-01]
CHR Extension: (Tabulky) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-28]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-02-03]
CHR Extension: (Gmail) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-28]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps:// ... pfhbdgnpbk
CHR HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps:// ... pfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] (Huawei Software Technologies Co., LTD. -> )
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339808 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145304 2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251512 2019-10-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998016 2019-10-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2019-12-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1049432 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [202592 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [581464 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [301408 2017-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
U3 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-03 12:14 - 2020-02-03 12:16 - 000018934 _____ C:\Users\Otto\Desktop\FRST.txt
2020-02-03 12:14 - 2020-02-03 12:14 - 000000000 ____D C:\Users\Otto\Desktop\FRST-OlderVersion
2020-02-03 11:51 - 2020-02-03 11:51 - 000000000 ____D C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-02-03 11:51 - 2020-02-03 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-02-03 11:50 - 2020-02-03 11:50 - 000000000 ____D C:\Users\Otto\Downloads\WinRAR v.5.80 Final Official (x86,x64)(CZ,SK)
2020-02-03 11:49 - 2020-02-03 11:49 - 000016810 _____ C:\Users\Otto\Downloads\[CzT]WinRAR_v_5_80_Final_Official_x86_x64_CZ_SK_.torrent
2020-02-03 11:47 - 2020-02-03 11:47 - 010823512 _____ (AVAST Software) C:\Users\Otto\Desktop\avastclear.exe
2020-02-01 11:52 - 2020-02-01 11:54 - 000036599 _____ C:\Users\Otto\Downloads\Addition.txt
2020-02-01 11:50 - 2020-02-01 11:54 - 000031825 _____ C:\Users\Otto\Downloads\FRST.txt
2020-02-01 11:48 - 2020-02-03 12:16 - 000000000 ____D C:\FRST
2020-02-01 11:48 - 2020-02-03 12:14 - 002279424 _____ (Farbar) C:\Users\Otto\Desktop\FRST64.exe
2020-01-30 12:37 - 2020-01-30 12:37 - 000019302 _____ C:\Users\Otto\Downloads\Mystic Prophecy - Metal Division 2CD -
2020-01-30 12:37 - 2020-01-30 12:37 - 000000000 ____D C:\Users\Otto\Downloads\Mystic Prophecy - Metal Division (2CD) (2020)
2020-01-30 12:05 - 2020-01-30 12:05 - 000039978 _____ C:\Users\Otto\Documents\cc_20200130_120519.reg
2020-01-30 12:05 - 2020-01-30 12:05 - 000002276 _____ C:\Users\Otto\Documents\cc_20200130_120531.reg
2020-01-30 10:50 - 2020-01-30 10:50 - 000000000 ____D C:\Users\Otto\Downloads\backups
2020-01-30 08:02 - 2020-02-01 13:28 - 000112640 _____ C:\Users\Otto\Documents\Cestovní náhrady Leden 2020.xls
2020-01-29 15:15 - 2020-01-30 11:56 - 000000000 ____D C:\Users\Otto\AppData\Local\AMSDK
2020-01-29 15:14 - 2020-01-29 15:14 - 012741568 _____ (Zemana Ltd. ) C:\Users\Otto\Downloads\AntiMalware_Setup.exe
2020-01-28 21:41 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA}
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5}
2020-01-28 21:02 - 2020-01-30 12:03 - 000000000 ____D C:\Users\Otto\AppData\Local\CrashDumps
2020-01-28 20:55 - 2020-01-28 20:55 - 000001724 _____ C:\Users\Otto\Documents\mmmmm.txt
2020-01-24 13:00 - 2020-01-28 17:59 - 000000000 ____D C:\Users\Otto\AppData\Local\Adobe
2020-01-24 12:45 - 2020-01-24 12:45 - 000000000 ____D C:\Users\Otto\AppData\Local\mbamtray
2020-01-24 12:42 - 2020-01-24 12:42 - 001924728 _____ (Malwarebytes) C:\Users\Otto\Downloads\MBSetup.exe
2020-01-17 16:21 - 2020-01-17 16:22 - 000000000 ____D C:\ProgramData\Ashampoo
2020-01-17 16:21 - 2020-01-17 16:21 - 000001303 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 21.lnk
2020-01-17 16:21 - 2020-01-17 16:21 - 000001303 _____ C:\ProgramData\Desktop\Ashampoo Burning Studio 21.lnk
2020-01-17 16:21 - 2020-01-17 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-01-17 16:19 - 2020-01-17 16:19 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2020-01-17 16:16 - 2020-01-17 16:18 - 226005215 _____ C:\Users\Otto\Downloads\Ashampoo Burning Studio
2020-01-16 12:05 - 2020-01-16 12:06 - 016693784 _____ C:\Users\Otto\Downloads\Revo Uninstaller Pro 4.2.3.rar
2020-01-14 16:00 - 2020-01-14 16:45 - 000000000 ____D C:\Users\Otto\Desktop\foto mé
2020-01-12 17:09 - 2020-01-14 16:47 - 000000000 ____D C:\Users\Otto\Desktop\FOTKY Míša
2020-01-12 16:52 - 2020-01-12 17:06 - 000013304 _____ C:\Users\Otto\Desktop\INVENTURA 2019.xlsx
2020-01-12 16:04 - 2020-01-12 16:04 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2020-01-12 16:04 - 2020-01-12 16:04 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2020-01-12 15:59 - 2020-01-12 16:02 - 000000000 ____D C:\Users\Otto\Desktop\Andrea
2020-01-11 15:23 - 2020-01-14 16:45 - 000000000 ____D C:\Users\Otto\Desktop\Nová složka (2)
2020-01-11 14:02 - 2020-01-11 14:03 - 005901814 _____ C:\Users\Otto\Downloads\D_TEST_2019_02.pdf
2020-01-11 14:02 - 2020-01-11 14:02 - 004977698 _____ C:\Users\Otto\Downloads\D_TEST_2019_01.pdf
2020-01-11 13:47 - 2020-01-11 13:47 - 000000000 ____D C:\Users\Otto\Downloads\dTest 2019 06
2020-01-11 13:30 - 2020-01-11 13:31 - 000000000 ____D C:\Users\Otto\Downloads\dTest 2019 12
2020-01-10 10:02 - 2020-01-10 10:02 - 000001890 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2020-01-10 10:02 - 2020-01-10 10:02 - 000001890 _____ C:\ProgramData\Desktop\Garmin Express.lnk
2020-01-10 09:49 - 2020-01-10 09:49 - 000579688 _____ C:\Users\Otto\Downloads\Výpis z ú_tu stavebního spo_ení_0.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-03 12:16 - 2019-04-01 10:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-02-03 12:09 - 2009-07-14 05:45 - 000010288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-03 12:09 - 2009-07-14 05:45 - 000010288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-03 12:00 - 2018-06-27 19:25 - 000000000 ____D C:\ProgramData\AVAST Software
2020-02-03 12:00 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-03 11:51 - 2018-04-26 19:57 - 000000000 ____D C:\Program Files\WinRAR
2020-02-03 11:51 - 2017-03-25 21:03 - 000000000 ____D C:\Users\Otto\AppData\Roaming\uTorrent
2020-02-03 11:36 - 2019-11-02 18:13 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-shm
2020-02-01 16:59 - 2018-09-17 12:29 - 000000000 ____D C:\ProgramData\Zoom Player
2020-02-01 11:27 - 2019-11-02 18:13 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-shm
2020-02-01 11:27 - 2019-11-02 18:13 - 000032768 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-shm
2020-01-30 12:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-30 12:01 - 2017-03-24 18:33 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-30 11:56 - 2018-02-28 19:27 - 000067389 _____ C:\Windows\ZAM.krnl.trace
2020-01-30 11:13 - 2009-07-26 19:41 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-01-30 11:13 - 2009-07-26 19:41 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-01-30 11:13 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-30 08:04 - 2017-03-26 00:59 - 000023701 _____ C:\Windows\BRRBCOM.INI
2020-01-29 15:15 - 2018-01-02 18:53 - 000000000 ____D C:\Users\Otto\AppData\Local\Zemana
2020-01-28 19:38 - 2017-03-24 18:03 - 000000000 ____D C:\Users\Otto
2020-01-27 06:51 - 2018-10-31 15:29 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-24 12:26 - 2017-03-30 20:10 - 000000000 ____D C:\Users\Otto\AppData\Temp
2020-01-24 11:43 - 2017-03-25 21:51 - 000000000 ____D C:\Users\Otto\Documents\Programy
2020-01-24 09:51 - 2019-11-02 18:13 - 000379072 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-wal
2020-01-23 15:33 - 2018-03-19 22:28 - 000004482 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-23 15:33 - 2018-01-27 20:36 - 000004410 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-23 15:33 - 2017-10-30 22:33 - 000004494 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-23 15:33 - 2017-10-08 15:33 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-23 15:33 - 2017-04-07 20:55 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-23 15:33 - 2017-04-07 20:55 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-23 15:33 - 2017-04-07 20:55 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-01-23 11:02 - 2017-03-25 16:41 - 000000000 ____D C:\Users\Otto\AppData\LocalLow\Mozilla
2020-01-22 15:21 - 2019-08-19 09:51 - 000000000 ____D C:\Users\Otto\Desktop\Nová složka
2020-01-17 17:04 - 2019-10-14 17:54 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000002000 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001998 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-01-17 17:04 - 2019-10-14 17:54 - 000001988 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-01-17 17:00 - 2017-05-02 15:39 - 000000000 ____D C:\Users\Otto\Documents\ConvertXtoVideo Ultimate
2020-01-17 16:38 - 2018-06-14 16:50 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 16:38 - 2018-06-14 16:50 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 16:38 - 2018-06-14 16:50 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-17 16:32 - 2017-03-24 18:46 - 000000000 ____D C:\Users\UpdatusUser
2020-01-17 16:24 - 2019-01-19 23:41 - 000000000 ____D C:\Users\Otto\AppData\Roaming\Ashampoo
2020-01-16 22:04 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-01-16 22:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-01-16 12:09 - 2017-03-26 01:23 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-01-16 12:06 - 2018-09-14 15:29 - 000001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-01-16 12:06 - 2018-09-14 15:29 - 000001077 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-01-16 12:06 - 2018-09-14 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-01-16 12:01 - 2019-04-01 10:34 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-01-14 16:21 - 2019-11-02 18:13 - 000020632 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-wal
2020-01-12 16:18 - 2018-06-14 16:50 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-12 16:18 - 2018-06-14 16:50 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-12 16:18 - 2017-03-27 19:34 - 000003556 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-01-12 15:55 - 2019-11-08 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-12 15:55 - 2017-03-25 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-11 14:57 - 2017-04-20 17:44 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-10 10:03 - 2017-03-27 19:35 - 000000000 ____D C:\Program Files (x86)\Garmin
2020-01-10 10:02 - 2017-03-27 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2020-01-10 10:02 - 2017-03-27 19:35 - 000000000 ____D C:\ProgramData\Garmin

==================== Files in the root of some directories ========

2017-06-10 16:17 - 2018-09-26 18:16 - 000099384 _____ () C:\Users\Otto\AppData\Roaming\inst.exe
2017-04-14 16:05 - 2018-09-26 18:16 - 000007859 _____ () C:\Users\Otto\AppData\Roaming\
2017-04-14 16:05 - 2018-09-26 18:16 - 000001167 _____ () C:\Users\Otto\AppData\Roaming\pcouffin.inf
2017-04-14 16:05 - 2018-09-26 18:16 - 000082816 _____ (VSO Software) C:\Users\Otto\AppData\Roaming\pcouffin.sys
2017-12-17 15:03 - 2017-12-17 15:03 - 000007667 _____ () C:\Users\Otto\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-02-01 14:36
==================== End of FRST.txt ========================


Re: Please check my log

Post by OTAS » 03 Feb 2020 12:22

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Otto (03-02-2020 12:17:51)
Running from C:\Users\Otto\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-03-24 17:03:07)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-2781758306-2679381193-3636559717-500 - Administrator - Disabled)
Guest (S-1-5-21-2781758306-2679381193-3636559717-501 - Limited - Disabled)
Otto (S-1-5-21-2781758306-2679381193-3636559717-1000 - Administrator - Enabled) => C:\Users\Otto
UpdatusUser (S-1-5-21-2781758306-2679381193-3636559717-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version: - )
4K Video Downloader 4.10 (HKLM\...\{29F889EE-CD6A-48B7-8197-9E37E54336C9}) (Version: - Open Media LLC)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: - Adobe)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
ANT Drivers Installer x64 (HKLM\...\{0919C970-C55E-4322-AD6E-D561EC8C01EC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{99B72734-4395-42D0-ADFD-A9722A7AD7B0}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apowersoft Video Konvertor V4.7.2 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.2 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 21 (HKLM-x32\...\{91B33C97-3390-FD9A-8E0F-3F6BA7865E46}_is1) (Version: 21.3.0 - Ashampoo GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{825F60D9-2633-4D52-B2B0-5DA143433BBC}) (Version: 3.48.8668.1933 - Google, Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
DeezLoader 3.0.1 (only current user) (HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\8675f592-6f7d-534e-a92f-1cdf755ecc58) (Version: 3.0.1 - ExtendLord)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Elevated Installer (HKLM-x32\...\{EDCD0A1B-09BE-493A-B871-13F86760A5D0}) (Version: - Garmin Ltd or its subsidiaries) Hidden
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 8.0.2 - Poikosoft)
FreeRapid Downloader (HKLM-x32\...\FreeRapid Downloader0.9u4) (Version: 0.9u4 - Vity)
Garmin Express (HKLM-x32\...\{0a5a7c12-97db-47da-874c-cfeeeac5676f}) (Version: - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{DD4EE84A-E101-4F03-A881-AF498F68811C}) (Version: - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{A336EAA0-135A-4338-B628-BA8DBB3BCA60}) (Version: - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{68ca17aa-815c-4a71-8894-39e537ecb526}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin POILoader (HKLM-x32\...\{9EC5D99E-F5E5-4B88-AAAC-EA810E52CD4A}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: - Kaspersky Lab)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
Ovládací panel NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
PhotoInstrument 7.3 (HKLM-x32\...\{5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1) (Version: - Fatykhov Timur)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
RogueKiller version (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: - Adlice Software)
VSO ConvertXtoVideo Ultimate 2 (HKLM-x32\...\{{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: - VSO Software)
VSO ConvertXtoVideo Ultimate (HKLM-x32\...\VSO ConvertXtoVideo Ultimate_is1) (Version: -
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 - Garmin)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
WinRAR v.5.70 Final (HKLM-x32\...\WinRAR v.5.70 Final) (Version: v.5.70 Final - Libbi)
Zoner Photo Studio X CZ v.19.1809.2.93 (HKLM-x32\...\Zoner Photo Studio X CZ v.19.1809.2.93) (Version: v.19.1809.2.93 - Libbi)
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 14.5 - Inmatrix LTD)
Zoom Player Czech language (remove only) (HKLM-x32\...\ZoomPlayer_Czech) (Version: - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner Photo Studio X CZ\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers2_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers4_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-03-26 01:12 - 2005-04-22 05:36 - 000143360 ____R () [File not signed] C:\Windows\system32\BrSNMP64.dll
2017-12-17 19:16 - 2012-10-19 13:02 - 000087040 ____R (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [148]
AlternateDataStreams: C:\Users\Otto\Downloads\iKupon.pdf:BDU [1]
AlternateDataStreams: C:\Users\Otto\Downloads\Přehled stavu pojistné smlouvy (1).pdf:BDU [1]
AlternateDataStreams: C:\Users\Otto\Downloads\Přehled stavu pojistné smlouvy.pdf:BDU [1]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-01-28 21:24 - 2020-01-28 21:24 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Common Files\Acronis\VirtualFile;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files\RogueKiller;
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: GarminExpress => "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AEB25413-11C6-47F7-9D58-838C5731CDC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6B366BD7-1EDC-4330-9B79-59545B3E4F15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CEF0E7E-6D09-440C-BF97-702649B8BFAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5D17C64-42FC-4842-86EF-758295DD3CBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{940B0368-E343-417D-90A9-66F16E3669A0}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{13D2238A-F40C-412E-BBBD-74859E2D8017}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{72F976B0-20B4-40C2-8748-73129E25C2F7}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{34632808-E6E9-4539-A56A-34BA37EFE731}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{150E5750-8091-4099-90CF-B81B6B684F5D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{EF5C1776-B958-4424-B8D8-16855E36E570}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{331EA9A8-7C1B-448C-AA3C-BF082C9330C1}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\otto\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DB2C4F1F-13F0-4123-9B63-091240DC6520}] => (Allow) C:\Users\Otto\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{EAD0E95B-0EBA-4956-B4A9-33F1331740D1}] => (Allow) C:\Users\Otto\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7B2C2B88-DF4D-4A23-B9EF-13C12D012687}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{89855CC8-1A4B-4A59-A56F-ADEF07005C8A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E5EA4515-6722-4B2A-BA58-58219A68FC16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-01-2020 10:53:19 End of disinfection
30-01-2020 11:54:46 Revo Uninstaller Pro's restore point - Malwarebytes version
30-01-2020 11:56:34 Revo Uninstaller Pro's restore point - Zemana AntiMalware verze 3.1.495

==================== Faulty Device Manager Devices ============

Name: AMSDK Driver
Description: AMSDK Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Service: amsdk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================

Application errors:
Error: (01/28/2020 09:02:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: malwarebytes_assistant.exe, verze:, časové razítko: 0x5df160e0
Název chybujícího modulu: malwarebytes_assistant.exe, verze:, časové razítko: 0x5df160e0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000006f96b
ID chybujícího procesu: 0x824
Čas spuštění chybující aplikace: 0x01d5d615c4b109b4
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
ID zprávy: 19cd9688-4209-11ea-aa8b-50465d8f71a5

Error: (01/27/2020 06:50:20 AM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (01/27/2020 06:50:17 AM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (01/27/2020 06:49:53 AM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (01/27/2020 06:48:37 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Shromažďování dat modulu pro zápis

ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {23ce782d-543b-4c62-b128-ab24d83adea2}

Error: (01/27/2020 04:48:01 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Otto-PC)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (01/27/2020 04:48:01 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Otto-PC)
Description: Systém Windows zálohoval profil tohoto uživatele. Systém se automaticky pokusí použít zazálohovaný profil při příštím přihlášení uživatele.

Error: (01/27/2020 04:48:00 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Otto-PC)
Description: Systém Windows nemůže načíst místně uložený profil. Možné příčiny této chyby zahrnují nedostatečná zabezpečovací práva nebo poškozený místní profil.

PODROBNOSTI – Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

System errors:
Error: (02/01/2020 11:26:35 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (01/29/2020 03:17:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/28/2020 10:00:04 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (01/28/2020 09:37:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/28/2020 09:37:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Date: 2018-06-21 20:25:28.811
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 20:25:28.718
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 12:13:10.388
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 12:13:10.295
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.408
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.345
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.298
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.236
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0702 08/15/2012
Motherboard: ASUSTeK COMPUTER INC. P8H61-MX R2.0
Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 63%
Total physical RAM: 4047.84 MB
Available physical RAM: 1490.88 MB
Total Virtual: 8093.83 MB
Available Virtual: 5346.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:280 GB) NTFS

\\?\Volume{180fac7c-10b3-11e7-a0d5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4965A0C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Please check my log

Post by OTAS » 03 Feb 2020 12:34

This is what it looks like when I type heureka into the search engine.

Re: Please check my log

Post by jaro3 » 03 Feb 2020 18:20

Do you have some kind of blocking of those sites in the browser? Or in the antivirus or firewall?
Clear the cache, history, etc. in the browser.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
FF Extension: (No Name) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-12-22]
FF Plugin: -> disabled [No File]
FF Plugin-x32: -> disabled [No File]
CHR HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
U3 aswbdisk; no ImagePath
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA}
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5}
C:\ProgramData\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers2_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers4_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [148]


(You can use the "select all" function, then right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Then let me know.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Re: Please check my log

Post by OTAS » 04 Feb 2020 08:50

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Otto (04-02-2020 08:42:47) Run:1
Running from C:\Users\Otto\Desktop
Loaded Profiles: Otto (Available Profiles: Otto & UpdatusUser)
Boot Mode: Normal

fixlist content:
Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
FF Extension: (No Name) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-12-22]
FF Plugin: -> disabled [No File]
FF Plugin-x32: -> disabled [No File]
CHR HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
U3 aswbdisk; no ImagePath
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA}
2020-01-28 21:08 - 2020-01-28 21:08 - 000003120 _____ C:\Windows\system32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5}
C:\ProgramData\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers2_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
ContextMenuHandlers4_S-1-5-21-2781758306-2679381193-3636559717-1000: [ZONERMenu] -> [CC]{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [148]


Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E0960DD-44DA-481F-8B18-700CEF473EBF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0960DD-44DA-481F-8B18-700CEF473EBF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DFDC742-049D-4220-B697-E124F7FC87E8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DFDC742-049D-4220-B697-E124F7FC87E8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3FEDB28-0FA3-48CF-BD97-42B9B381865E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3FEDB28-0FA3-48CF-BD97-42B9B381865E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E5D75222-B2EC-45E3-A6C0-52792F15D495}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5D75222-B2EC-45E3-A6C0-52792F15D495}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\henbtv06.default-1537355602383\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
HKLM\Software\MozillaPlugins\ => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\ => removed successfully
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
C:\Windows\system32\Tasks\{71B27A0D-721D-42CE-8B83-05167AB2D7BA} => moved successfully
C:\Windows\system32\Tasks\{4DD38B43-9E2A-4835-9271-6C1E819E10E5} => moved successfully
C:\ProgramData\AVAST Software => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Otto\AppData\Roaming\inst.exe => moved successfully
C:\Users\Otto\AppData\Local\Resmon.ResmonCfg => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AcronisSyncError => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AcronisSyncInProgress => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AcronisSyncOk => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\EzCd => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\EzCd => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ZPShellExt => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\ZONERMenu => removed successfully
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ZONERMenu => removed successfully
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ZONERMenu => removed successfully
C:\ProgramData\TEMP => ":ADAB671B" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5616316 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 33585 B
Edge => 0 B
Chrome => 43333390 B
Firefox => 230203 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 91517 B
LocalService => 91517 B
NetworkService => 91517 B
Otto => 11760676 B
UpdatusUser => 11760676 B

RecycleBin => 13784063 B
EmptyTemp: => 90.8 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 08:45:13 ====

Re: Please check my log

Post by OTAS » 04 Feb 2020 15:53

It's the same; when I click on heureka, it shows me this.

Re: Please check my log

Post by jaro3 » 04 Feb 2020 18:12

Have you tried a different browser?

Re: Please check my log

Post by OTAS » 04 Feb 2020 19:01

It doesn't work anywhere, not in Google Chrome, Firefox or Internet Explorer.
