Probable infection (Solved)

Section devoted to viruses and other malicious code, but also to the tools you can use to defend against them…

Moderators: Mods_senior, Security team

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 13 Feb 2019 20:58

And here I am pasting the current log from HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:14, on 13.2.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19267)


Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\windows\system32\RunDll32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Žeryk\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: WSKVAllmytubechrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\STacSV.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system32\uArcCapture.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 10164 bytes

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 13 Feb 2019 21:00

After this procedure I restarted the PC. The first time, the restart went through immediately, without the "Host Process for Windows Tasks" message and the notice that some applications are running in the background. After logging back in I genuinely don't see any problem, or that "something" has remained somewhere... In Task Manager the process "Host process for Windows Tasks" (original name "TaskHost.exe") is still there, but I don't know whether this process is actually fine now, whether it isn't perhaps part of a Microsoft application. I really don't understand that at all...
Otherwise the PC is definitely noticeably faster, that's for sure. So far the message about the presence of a "host" in connection with the address x.acme.com, or something like that, which used to appear after login and report a threat, hasn't popped up either. I also noticed that zoek deleted from the desktop the pdf I downloaded from uložto for opening pdf files, which ESET had confirmed as clean.
So I don't know - otherwise it now looks like it's OK...

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Probable infection

Post by jaro3 » 13 Feb 2019 21:21

Close the other applications and browsers, disconnect from the internet and fix these in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O18 - Protocol: WSKVAllmytubechrome - (no CLSID) - (no file)


That is the second case where zoek deletes something it shouldn't.. will you download it again?
If so, that's all.

Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/

and save the file to your desktop.
Double-click the icon to run the Delfix.exe tool
(in Windows Vista, Windows 7 and 8 you have to run the file with the right mouse button -> Run as administrator).
In the main menu, check these options: Remove disinfection tools – Purge System Restore
Then click the Run button and let the tool do its job.

A report (DelFix.txt) then opens. Paste the whole content of the report here. Otherwise the report is at:
C:\DelFix.txt
Other links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

If there are no problems, that's all and you can mark it solved, the green check mark.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
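The triage jaro3 did by hand above (empty Internet Explorer values, the `(no CLSID) - (no file)` protocol handler, autoruns worth a second look) can be scripted for a first pass. The Python below is an added example, not code from the thread or from HijackThis: it parses HJT-format lines and reports a subset of the entries a defender would review. The sample lines are copied from the log posted in this thread, except for the `updater.exe` autorun under AppData, which is constructed; the heuristics (empty registry value, missing file or CLSID, non-default hosts mapping, autorun launched from a user profile or temp directory) are the example's own assumptions, not HijackThis rules.

```python
import re
from dataclasses import dataclass

# Constructed sample: lines copied from the HijackThis log posted earlier in this
# thread, plus one made-up O4 line (updater.exe under AppData) that exercises the
# user-profile autorun check.
SAMPLE_HJT = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [updater] C:\Users\Example\AppData\Roaming\updater.exe
O18 - Protocol: WSKVAllmytubechrome - (no CLSID) - (no file)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
"""

# Every HJT line starts with a section code (R0-R3, F0-F3, N1-N4, O1-O24) and " - ".
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d+) - (?P<body>.*)$")
# Autoruns launched from a user profile or temp directory deserve a second look;
# regular software normally installs under Program Files or Windows.
PROFILE_PATH_RE = re.compile(r"[A-Za-z]:\\Users\\|\\AppData\\|\\Temp\\", re.IGNORECASE)
# Loopback mappings are the normal content of a hosts file, not a hijack.
BENIGN_HOSTS = {"127.0.0.1 localhost", "::1 localhost"}


@dataclass
class Finding:
    section: str
    line: str
    reason: str


def triage_hjt(log_text):
    """Return the HijackThis entries that merit review, each with a reason."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # headers, process list, blank lines
        section, body = m.group("section"), m.group("body")
        if section.startswith("R") and body.endswith("="):
            findings.append(Finding(section, line, "empty registry value (orphaned Internet Explorer setting)"))
        elif "(no file)" in body or "(no CLSID)" in body:
            findings.append(Finding(section, line, "points at a missing file or CLSID (orphaned entry)"))
        elif section == "O1":
            mapping = body.partition("Hosts:")[2].strip()
            if mapping not in BENIGN_HOSTS:
                findings.append(Finding(section, line, "non-default hosts file mapping"))
        elif section == "O4" and PROFILE_PATH_RE.search(body):
            findings.append(Finding(section, line, "autorun launched from a user profile or temp directory"))
    return findings


if __name__ == "__main__":
    for f in triage_hjt(SAMPLE_HJT):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```

The output is a review list, not a fix list: an entry such as the Zemana autorun under Program Files passes every heuristic and is not shown, while the two empty R0 values and the orphaned O18 handler, which jaro3 also chose to fix, are reported.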

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 13 Feb 2019 22:35

I fixed the listed items in HJT following the guide.

I'll hopefully find the pdf somewhere, I need it for work; the rest is dispensable, now I'm just afraid to download anything...

Otherwise, here is the log from DelFix:

# DelFix v1.013 - Logfile created 13/02/2019 at 22:23:46
# Updated 17/04/2016 by Xplode
# Username : Žeryk - ŽERYK-NB
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Žeryk\Desktop\AdwCleaner.exe
Deleted : C:\Users\Žeryk\Desktop\AdwCleaner[S00].txt
Deleted : C:\Users\Žeryk\Desktop\JRT.exe
Deleted : C:\Users\Žeryk\Desktop\JRT.txt
Deleted : C:\Users\Žeryk\Desktop\hijackthis log.txt
Deleted : C:\Users\Žeryk\Desktop\HijackThis.exe
Deleted : C:\Users\Žeryk\Desktop\hijackthis.log
Deleted : C:\Users\Žeryk\Desktop\RogueKiller Log.txt
Deleted : C:\Users\Žeryk\Desktop\RogueKiller New Log.txt
Deleted : C:\Users\Žeryk\Desktop\RogueKiller_portable32.exe
Deleted : C:\Users\Žeryk\Desktop\TFC.exe
Deleted : C:\Users\Žeryk\Desktop\zoek-results.txt
Deleted : C:\Users\Žeryk\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #802 [Windows Update | 02/08/2019 09:34:48]
Deleted : RP #803 [JRT Pre-Junkware Removal | 02/11/2019 13:22:11]
Deleted : RP #804 [Installed Sophos Virus Removal Tool. | 02/11/2019 13:32:10]
Deleted : RP #805 [Windows Update | 02/12/2019 09:23:44]
Deleted : RP #806 [Windows Update | 02/13/2019 12:00:13]
Deleted : RP #807 [zoek.exe restore point | 02/13/2019 18:35:12]

New restore point created !

########## - EOF - ##########


One more question - everything else that is left on the desktop and on drive C, should I keep it, or do I still need to uninstall or just delete something?? I mean e.g. Memtest, CrystalDiskInfo, Speedfun, Zemana...

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Probable infection

Post by jaro3 » 13 Feb 2019 22:43

Whatever can be uninstalled, uninstall; delete the rest.

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 13 Feb 2019 22:48

OK.

jaro3, thank you so much for your help, for the whole process and the days you devoted to me!!!

I'm marking it solved, and thanks once again! ;)

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 14 Feb 2019 15:21

Please, before I close the topic as solved, may I ask for advice. Yesterday evening I did everything according to the guide and everything then seemed OK (see the description of the current situation). When I then cleaned the PC with DelFix and pasted the log, I confirmed that everything was apparently OK. But when, at the very end of the evening, I wanted to restart (after the whole procedure and cleaning of the PC), the message appeared again that a restart is not possible because some programs are open in the background (see Attachment 1). It seems strange to me, when absolutely nothing is running and the PC is ready to log off, that it won't allow a restart and reports a running program. I also noticed that on the IE bar where I keep various links, the logos of the individual sites have changed, e.g. the Yahoo logo appeared next to Seznam, the Centrum logo next to Google, the BIVŠ logo next to Uložto, etc. (see Attachment 2).
May I ask, in conclusion, before I confirm the topic as closed, whether this is normal, whether the programs running in the background and preventing the PC from restarting are OK?
Attachments
Attachment 1.JPG
Attachment 2.JPG

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Probable infection

Post by jaro3 » 14 Feb 2019 18:07

The first photo: programs are running in the background, but I don't know which, since they aren't listed.
The browser, interesting.

Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.

Please download the appropriate version of the program for your system, 32-bit/64-bit, Farbar Recovery Scan Tool (FRST)
32bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Don't change any of the default settings and click "Scan". When the scan is complete, two logs appear, FRST.txt and Addition.txt, and are saved on the desktop. Please copy their whole contents here.

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 14 Feb 2019 22:29

OK...

Here is the resulting log from CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 8.0.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
Date : 2019/02/14 22:16:19

-- Controller Map ----------------------------------------------------------
+ Intel(R) PCHM SATA AHCI Controller 6 Port [ATA]
- TOSHIBA MK5056GSY
- hp DVD RW AD-7701H

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK5056GSY : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK5056GSY
----------------------------------------------------------------------------
Model : TOSHIBA MK5056GSY
Firmware : LH003C
Serial Number : 401TTAWVT
Disk Size : 500,1 GB (8,4/137,4/500,1/----)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 21195 hod.
Power On Count : 3465 krát
Temperature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __2 000000000875 Čas na roztočení ploten
04 100 100 __0 000000000DD0 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _48 _48 __0 0000000052CB Hodin v činnosti
0A 170 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000D89 Počet cyklů zapnutí zařízení
B7 100 100 __1 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
B9 100 100 __1 00000000FFFF Specifický pro výrobce
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __1 000000000000 Vysoká rychlost zápisu
BE _61 _47 _45 00002B1D0027 Teplota toku vzduchu
BF 100 100 __0 000000000170 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000540054 Počet vypnutí disku
C1 _93 _93 __0 000000011F35 Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2034 3031 5454 4157 5654
020: 0000 8000 0004 4C48 3030 3343 2020 544F 5348 4942
030: 4120 4D4B 3530 3536 4753 5920 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0000 004C 004C
080: 01F8 0000 706B 7C09 6123 7069 BC09 6123 203F 0039
090: 0039 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 4000 0000 5000 0392
110: 71E0 04DC 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0033 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D1A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 02 07
010: 00 64 64 00 00 00 00 00 00 00 03 03 00 64 64 75
020: 08 00 00 00 00 00 04 32 00 64 64 D0 0D 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0F
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 30 30 CB 52 00 00 00
060: 00 00 0A 13 00 AA 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 89 0D 00 00 00 00 00 B7 22 00 64 64 00
080: 00 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 3D 2F 27 00 1D 2B 00 00 00 BF 32
0D0: 00 64 64 70 01 00 00 00 00 00 C0 32 00 64 64 54
0E0: 00 54 00 00 00 00 C1 32 00 5D 5D 35 1F 01 00 00
0F0: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C5 12
100: 00 64 64 00 00 00 00 00 00 00 C7 3E 00 C8 C8 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 73 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
100: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 86
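The S.M.A.R.T. table above is what jaro3 asked for, and reading it by eye means comparing each normalized value against its threshold and checking that the sector-health counters are still zero. The Python below is an added example, not code from the thread or from CrystalDiskInfo: it parses attribute rows in the layout CrystalDiskInfo prints and applies those two checks, then pulls the power-on hours, power-cycle count and temperature out of the raw values. The sample rows are constructed from the values in the report above with English attribute names in place of the Czech ones; the set of critical attribute IDs (05, BB, C4, C5, C6) and the reading of the current temperature from the low byte of attribute BE are the example's assumptions, not something the report states.

```python
import re
from dataclasses import dataclass

# Constructed sample: values taken from the CrystalDiskInfo report posted in this
# thread (TOSHIBA MK5056GSY), attribute names given in English instead of Czech.
SAMPLE_SMART = """\
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Read Error Rate
05 100 100 _10 000000000000 Reallocated Sectors Count
09 _48 _48 __0 0000000052CB Power-On Hours
0C 100 100 __0 000000000D89 Power Cycle Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BE _61 _47 _45 00002B1D0027 Airflow Temperature
C4 100 100 __0 000000000000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
"""

# One attribute row: hex ID, three underscore-padded decimal columns, 12 hex digits of raw value, name.
ATTR_RE = re.compile(r"^([0-9A-F]{2}) ([_0-9]{3}) ([_0-9]{3}) ([_0-9]{3}) ([0-9A-F]{12}) (.+)$")

# Assumption of this example: raw counts that should stay at zero on a healthy drive.
CRITICAL_RAW = {"05", "BB", "C4", "C5", "C6"}


@dataclass
class SmartAttr:
    attr_id: str
    cur: int
    worst: int
    thr: int
    raw: int
    name: str


def _num(column):
    """CrystalDiskInfo pads short numbers with underscores: '_50' -> 50, '__0' -> 0."""
    return int(column.replace("_", ""))


def parse_smart(text):
    """Parse every attribute row found in the text; header and separator lines are skipped."""
    attrs = []
    for line in text.splitlines():
        m = ATTR_RE.match(line.strip())
        if m:
            attrs.append(SmartAttr(m[1], _num(m[2]), _num(m[3]), _num(m[4]), int(m[5], 16), m[6].strip()))
    return attrs


def assess(attrs):
    """Apply the two checks a technician does by eye and extract the usage counters."""
    by_id = {a.attr_id: a for a in attrs}
    problems = []
    for a in attrs:
        # A threshold of 0 means the attribute is informational only.
        if a.thr > 0 and a.cur <= a.thr:
            problems.append(f"{a.attr_id} {a.name}: normalized value {a.cur} at/below threshold {a.thr}")
        if a.attr_id in CRITICAL_RAW and a.raw > 0:
            problems.append(f"{a.attr_id} {a.name}: raw count {a.raw} is non-zero")
    return {
        "power_on_hours": by_id["09"].raw if "09" in by_id else None,
        "power_cycles": by_id["0C"].raw if "0C" in by_id else None,
        # Assumption: the low byte of BE's raw value holds the current temperature in C.
        "temperature_c": (by_id["BE"].raw & 0xFF) if "BE" in by_id else None,
        "problems": problems,
        "status": "OK" if not problems else "ATTENTION",
    }


if __name__ == "__main__":
    report = assess(parse_smart(SAMPLE_SMART))
    for key, value in report.items():
        print(f"{key}: {value}")
```

On the sample the counters decode to 21195 hours, 3465 power cycles and 39 C, matching the summary block of the report, and no attribute trips either check, which agrees with the "Dobrý" (Good) health status CrystalDiskInfo printed. A non-zero raw value on 05 or C5 would move the status to ATTENTION even while every normalized value is still above threshold, which is why the raw counters are checked separately.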

Hastalda
Level 2.5
Posts: 286
Registered: May 12
Location: Český Šternberk
Gender: Female
Status: Offline

Re: Probable infection

Post by Hastalda » 14 Feb 2019 22:30

..and both logs from FRST:

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-02-2019
Ran by Žeryk (administrator) on ŽERYK-NB (14-02-2019 22:21:50)
Running from C:\Users\Žeryk\Desktop
Loaded Profiles: Žeryk (Available Profiles: Žeryk)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\AEstSrv.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ArcSoft, Inc.) C:\Windows\System32\uArcCapture.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [254520 2010-01-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete -> PDF Complete Inc)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard) [File not signed]
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-09] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\scrnsave.scr [10240 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files\Common Files\LightScribe\LSRunOnce.exe [2009-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Žeryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk [2019-02-14]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk -> C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2CEC74FE-6A34-4E3C-B0E1-0B37EB3855C7}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> {D6E2E2A4-33B1-417A-9FC6-B24993BE4800} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-10-02] ()
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-02] ()
Handler: WSKVAllmytubechrome - No CLSID Value -

FireFox:
========
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-02-02] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-10-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-10-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

Chrome:
=======
CHR HKU\S-1-5-21-758666899-2211297156-3181642844-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\aestsrv.exe [81920 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [172032 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2009-11-25] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2185272 2018-05-25] (ESET, spol. s r.o. -> ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Company -> Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [102968 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
R2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [102968 2009-12-16] (Hewlett-Packard Company -> Hewlett-Packard)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [81920 2010-01-07] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-01-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete -> PDF Complete Inc)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\STacSV.exe [229461 2009-12-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 uArcCapture; C:\windows\system32\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc. -> ArcSoft, Inc.)
S2 vcsFPService; C:\windows\system32\vcsFPService.exe [1639728 2009-12-14] (Validity Sensors, Inc -> Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [33848 2009-07-08] (Hewlett-Packard Company -> Hewlett-Packard)
S3 AgereSoftModem; C:\windows\System32\DRIVERS\AGRSM.sys [1035776 2009-07-13] (Microsoft Windows -> LSI Corp)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [29824 2009-12-04] (ArcSoft, Inc. -> ArcSoft, Inc.)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1221632 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHdmiService; C:\windows\System32\drivers\AtiHdmi.sys [100352 2009-11-18] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies, Inc.)
R3 atikmdag; C:\windows\System32\DRIVERS\atikmdag.sys [5092864 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [209576 2018-04-18] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [158616 2018-04-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\windows\System32\DRIVERS\ekbdflt.sys [123808 2018-07-20] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\windows\System32\DRIVERS\epfw.sys [165336 2018-04-18] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\windows\System32\DRIVERS\EpfwLWF.sys [53752 2018-04-18] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\windows\System32\DRIVERS\epfwwfp.sys [72424 2018-04-18] (ESET, spol. s r.o. -> ESET)
R2 giveio; C:\windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 HECI; C:\windows\System32\DRIVERS\HECI.sys [41088 2009-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [25656 2009-07-08] (Hewlett-Packard Company -> Hewlett-Packard)
R3 HpqKbFiltr; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [15872 2009-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [240440 2019-02-14] (Malwarebytes Corporation -> Malwarebytes)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [40088 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [110520 2009-12-16] (CreateFileW function failed -> )
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [51800 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [13256 2009-12-16] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2009-12-18] (SONIX TECHNOLOGY CO. , LTD -> )
R2 speedfan; C:\windows\system32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt.sys [423424 2009-12-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-02-13] (Adlice -> )
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R1 ZAM; C:\windows\System32\drivers\zam32.sys [181496 2019-02-13] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard32.sys [181496 2019-02-13] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 22:21 - 2019-02-14 22:23 - 000018792 _____ C:\Users\Žeryk\Desktop\FRST.txt
2019-02-14 22:21 - 2019-02-14 22:21 - 000000000 ____D C:\FRST
2019-02-14 22:19 - 2019-02-14 22:20 - 001792000 _____ (Farbar) C:\Users\Žeryk\Desktop\FRST.exe
2019-02-14 22:16 - 2019-02-14 22:16 - 000001940 _____ C:\Users\Žeryk\Desktop\CrystalDiskInfo.lnk
2019-02-14 22:16 - 2019-02-14 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-02-14 22:15 - 2019-02-14 22:16 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2019-02-14 22:14 - 2019-02-14 22:14 - 003942560 _____ (Crystal Dew World ) C:\Users\Žeryk\Desktop\CrystalDiskInfo8_0_0.exe
2019-02-14 15:32 - 2019-02-14 15:32 - 000000626 _____ C:\Users\Žeryk\Documents\cc_20190214_153216.reg
2019-02-14 14:59 - 2019-02-14 14:59 - 000240440 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-02-13 22:58 - 2019-02-13 22:58 - 000008272 _____ C:\Users\Žeryk\Documents\cc_20190213_225801.reg
2019-02-13 22:41 - 2019-02-13 22:41 - 000001129 _____ C:\Users\Žeryk\Desktop\CENZURA HD.lnk
2019-02-13 22:40 - 2019-02-13 22:40 - 000001913 _____ C:\Users\Žeryk\Desktop\PDF Complete.lnk
2019-02-13 22:23 - 2019-02-13 22:24 - 000001548 _____ C:\DelFix.txt
2019-02-13 20:05 - 2019-02-14 22:22 - 000078773 _____ C:\windows\ZAM.krnl.trace
2019-02-13 20:05 - 2019-02-14 22:22 - 000048660 _____ C:\windows\ZAM_Guard.krnl.trace
2019-02-13 20:05 - 2019-02-13 20:05 - 000181496 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard32.sys
2019-02-13 20:05 - 2019-02-13 20:05 - 000181496 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam32.sys
2019-02-13 20:05 - 2019-02-13 20:05 - 000001888 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-02-13 20:05 - 2019-02-13 20:05 - 000000000 ____D C:\Users\Žeryk\AppData\Local\Zemana
2019-02-13 20:05 - 2019-02-13 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-02-13 20:05 - 2019-02-13 20:05 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2019-02-13 19:59 - 2019-02-13 19:59 - 000000000 ____D C:\Users\Žeryk\AppData\Local\PDFC
2019-02-13 19:55 - 2014-02-13 23:59 - 000024064 _____ C:\windows\zoek-delete.exe
2019-02-13 09:35 - 2019-01-27 15:32 - 000348760 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-02-13 09:35 - 2019-01-26 01:27 - 020279808 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-02-13 09:35 - 2019-01-26 01:18 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-02-13 09:35 - 2019-01-26 01:18 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-02-13 09:35 - 2019-01-26 01:06 - 000498176 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-02-13 09:35 - 2019-01-26 01:06 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-02-13 09:35 - 2019-01-26 01:06 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-02-13 09:35 - 2019-01-26 01:05 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-02-13 09:35 - 2019-01-26 01:05 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-02-13 09:35 - 2019-01-26 01:03 - 002295808 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-02-13 09:35 - 2019-01-26 01:00 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-02-13 09:35 - 2019-01-26 00:59 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-02-13 09:35 - 2019-01-26 00:58 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-02-13 09:35 - 2019-01-26 00:57 - 000663040 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-02-13 09:35 - 2019-01-26 00:57 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-02-13 09:35 - 2019-01-26 00:56 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-02-13 09:35 - 2019-01-26 00:56 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-02-13 09:35 - 2019-01-26 00:51 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-02-13 09:35 - 2019-01-26 00:48 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-02-13 09:35 - 2019-01-26 00:44 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-02-13 09:35 - 2019-01-26 00:43 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-02-13 09:35 - 2019-01-26 00:43 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-02-13 09:35 - 2019-01-26 00:40 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-02-13 09:35 - 2019-01-26 00:40 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-02-13 09:35 - 2019-01-26 00:39 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-02-13 09:35 - 2019-01-26 00:37 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-02-13 09:35 - 2019-01-26 00:34 - 004494336 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-02-13 09:35 - 2019-01-26 00:32 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-02-13 09:35 - 2019-01-26 00:31 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-02-13 09:35 - 2019-01-26 00:30 - 002060288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-02-13 09:35 - 2019-01-26 00:30 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-02-13 09:35 - 2019-01-26 00:29 - 013680640 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-02-13 09:35 - 2019-01-26 00:29 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-02-13 09:35 - 2019-01-26 00:11 - 004386304 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-02-13 09:35 - 2019-01-26 00:08 - 001331200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-02-13 09:35 - 2019-01-26 00:06 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-02-13 09:35 - 2019-01-15 07:55 - 000067304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-02-13 09:35 - 2019-01-15 07:54 - 000137960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-02-13 09:35 - 2019-01-15 07:52 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000554496 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000261120 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-02-13 09:35 - 2019-01-15 07:52 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-02-13 09:35 - 2019-01-15 07:51 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-02-13 09:35 - 2019-01-15 07:51 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-02-13 09:35 - 2019-01-15 07:33 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-02-13 09:35 - 2019-01-15 07:30 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-02-13 09:35 - 2019-01-15 07:30 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-02-13 09:35 - 2019-01-15 07:30 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-02-13 09:35 - 2019-01-15 07:29 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-02-13 09:35 - 2019-01-15 07:29 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-02-13 09:35 - 2019-01-15 07:29 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-02-13 09:35 - 2019-01-12 03:55 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-02-13 09:35 - 2019-01-12 03:55 - 000004608 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2019-02-13 09:35 - 2019-01-12 03:36 - 001311744 _____ (Microsoft Corporation) C:\windows\system32\msjet40.dll
2019-02-13 09:35 - 2019-01-12 03:36 - 000352768 _____ (Microsoft Corporation) C:\windows\system32\msrd3x40.dll
2019-02-13 09:35 - 2019-01-12 03:36 - 000313344 _____ (Microsoft Corporation) C:\windows\system32\msrd2x40.dll
2019-02-13 09:35 - 2019-01-09 03:58 - 004055784 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-02-13 09:35 - 2019-01-09 03:58 - 003960552 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-02-13 09:35 - 2019-01-09 03:58 - 000189672 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-02-13 09:35 - 2019-01-09 03:58 - 000189672 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-02-13 09:35 - 2019-01-09 03:58 - 000136424 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-02-13 09:35 - 2019-01-09 03:57 - 001310528 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-02-13 09:35 - 2019-01-09 03:55 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-02-13 09:35 - 2019-01-09 03:40 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2019-02-13 09:35 - 2019-01-09 03:40 - 000026496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2019-02-13 09:35 - 2019-01-09 03:40 - 000024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2019-02-13 09:35 - 2019-01-09 03:37 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-02-13 09:35 - 2019-01-09 03:37 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-02-13 09:35 - 2019-01-09 03:37 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-02-13 09:35 - 2019-01-09 03:37 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-02-13 09:35 - 2019-01-09 03:37 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-02-13 09:35 - 2019-01-09 03:36 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-02-13 09:35 - 2019-01-09 03:35 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-02-13 09:35 - 2019-01-09 03:34 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-02-13 09:35 - 2019-01-09 03:34 - 000314368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-02-13 09:35 - 2019-01-09 03:34 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-02-13 09:35 - 2019-01-09 03:33 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-02-13 09:35 - 2019-01-09 03:33 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-02-13 09:35 - 2019-01-09 03:33 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-02-13 09:35 - 2019-01-09 03:33 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-02-13 09:35 - 2019-01-09 03:33 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-02-13 09:35 - 2019-01-09 03:33 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-02-13 09:35 - 2019-01-07 18:15 - 002405376 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-02-13 09:35 - 2019-01-01 17:01 - 000105192 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2019-02-13 09:35 - 2019-01-01 16:58 - 002368000 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2019-02-13 09:35 - 2019-01-01 16:58 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2019-02-13 09:35 - 2019-01-01 16:58 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2019-02-13 09:35 - 2019-01-01 16:57 - 001806848 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2019-02-13 09:35 - 2019-01-01 16:57 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2019-02-13 09:35 - 2019-01-01 16:39 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2019-02-13 09:35 - 2018-12-28 20:48 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-02-13 09:35 - 2018-12-28 20:48 - 000582144 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-02-13 09:35 - 2018-12-28 20:48 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-02-13 09:35 - 2018-12-28 20:48 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-02-13 09:35 - 2018-12-28 20:32 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-02-13 09:35 - 2018-12-04 16:55 - 000158720 _____ (Microsoft Corporation) C:\windows\system32\itircl.dll
2019-02-13 09:35 - 2018-12-04 16:55 - 000142848 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2019-02-13 09:35 - 2018-12-02 16:55 - 000527872 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2019-02-12 14:01 - 2019-02-12 14:02 - 000000045 _____ C:\windows\system32\initdebug.nfo
2019-02-12 13:49 - 2019-02-12 18:04 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\Seznam.cz
2019-02-11 17:05 - 2019-02-11 17:05 - 000000000 ____D C:\ProgramData\RogueKiller
2019-02-11 14:33 - 2019-02-11 14:33 - 000000000 ____D C:\ProgramData\Sophos
2019-02-11 14:32 - 2019-02-11 14:32 - 000002747 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-02-11 14:32 - 2019-02-11 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-02-11 14:32 - 2019-02-11 14:32 - 000000000 ____D C:\Program Files\Sophos
2019-02-08 11:34 - 2019-02-08 11:34 - 000050688 _____ (Atribune.org) C:\Users\Žeryk\Desktop\ATF-Cleaner.exe
2019-02-08 11:24 - 2019-02-08 11:24 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-08 11:24 - 2019-02-08 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-08 11:24 - 2019-02-08 11:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-08 11:24 - 2019-02-08 11:24 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-08 11:24 - 2019-01-08 15:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-02-06 00:01 - 2019-02-06 00:01 - 000000448 _____ C:\Users\Žeryk\Documents\cc_20190206_000139.reg
2019-01-18 09:33 - 2019-01-18 09:33 - 000001234 _____ C:\Users\Žeryk\Documents\cc_20190118_093354.reg

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 15:31 - 2016-07-28 21:14 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\MPC-HC
2019-02-14 15:31 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-02-14 15:07 - 2009-07-14 05:34 - 000019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-14 15:07 - 2009-07-14 05:34 - 000019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-14 15:01 - 2010-02-02 06:01 - 000681402 _____ C:\windows\system32\perfh005.dat
2019-02-14 15:01 - 2010-02-02 06:01 - 000145816 _____ C:\windows\system32\perfc005.dat
2019-02-14 15:01 - 2010-02-02 05:26 - 001609684 _____ C:\windows\system32\PerfStringBackup.INI
2019-02-14 14:59 - 2010-02-02 05:40 - 000000000 ____D C:\ProgramData\HPQLOG
2019-02-14 14:58 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-02-13 22:43 - 2009-07-14 05:53 - 000032600 _____ C:\windows\Tasks\SCHEDLGU.TXT
2019-02-13 20:07 - 2016-07-27 09:18 - 000000000 ____D C:\Users\Žeryk
2019-02-13 19:52 - 2016-07-28 21:25 - 000000000 ____D C:\Users\Žeryk\AppData\Local\Google
2019-02-13 19:07 - 2016-08-01 10:16 - 000024688 _____ C:\windows\system32\Drivers\truesight.sys
2019-02-13 14:12 - 2018-04-18 17:53 - 000000000 ____D C:\windows\rescache
2019-02-13 13:26 - 2009-07-14 05:33 - 000413968 _____ C:\windows\system32\FNTCACHE.DAT
2019-02-13 13:09 - 2016-08-02 22:06 - 000000000 ____D C:\windows\system32\MRT
2019-02-13 13:06 - 2016-08-02 22:06 - 126228304 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-02-10 21:56 - 2016-12-10 09:53 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\uTorrent
2019-02-10 21:47 - 2016-07-30 15:06 - 000000000 ____D C:\windows\Minidump
2019-02-09 00:12 - 2010-02-02 05:41 - 000000000 ____D C:\ProgramData\PDFC
2019-02-02 23:00 - 2018-10-23 12:23 - 000000000 ____D C:\Users\Žeryk\AppData\Roaming\CENZURA HD
2019-01-25 13:31 - 2018-09-24 22:08 - 000000000 ____D C:\Users\Žeryk\AppData\Local\Deployment

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\dllhost.exe => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-12 16:15

==================== End of FRST.txt ============================


Re: Probable infiltration

Post by Hastalda » 14 Feb 2019 22:31

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-02-2019
Ran by Žeryk (14-02-2019 22:24:17)
Running from C:\Users\Žeryk\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-07-27 08:18:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-758666899-2211297156-3181642844-500 - Administrator - Disabled)
Guest (S-1-5-21-758666899-2211297156-3181642844-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-758666899-2211297156-3181642844-1004 - Limited - Enabled)
Žeryk (S-1-5-21-758666899-2211297156-3181642844-1002 - Administrator - Enabled) => C:\Users\Žeryk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (HKLM\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 31 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
ArcSoft Webcam Sharing Manager (HKLM\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
Asistent pro přihlášení ke službě Windows Live (HKLM\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{A788EAC0-E8F6-C07E-DD10-2E86CF8229A1}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
ccc-core-static (HKLM\...\{D22F766A-47E0-62E3-0B85-40E1BC2C8D69}) (Version: 2009.1208.2236.40549 - ATI) Hidden
Corel Home Office - CS Templates (HKLM\...\{1A1E33D2-9824-454A-B8CB-50072118635A}) (Version: 5.4.5 - 公司名称) Hidden
Corel Home Office - CT Templates (HKLM\...\{26D19512-874B-4EDA-B7F1-779850B2AD5A}) (Version: 5.4.5 - 您的公司名稱) Hidden
Corel Home Office - IPM (HKLM\...\{39FE455F-9478-451B-9420-73C15143DF8E}) (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office - JP Templates (HKLM\...\{1D11E96F-0405-4B99-8356-5750B1D9FAE9}) (Version: 5.4.5 - 会社名) Hidden
Corel Home Office - KR Templates (HKLM\...\{5746E4F9-77C6-47E8-A737-A5975A57B4AA}) (Version: 5.4.5 - 회사명) Hidden
Corel Home Office - Launcher (HKLM\...\{E74EA3B1-7192-489D-9A57-0AE918FEC001}) (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office - Templates RU (HKLM\...\{F45048A1-12C4-4B08-A3EB-32D88033368A}) (Version: 5.4.5 - Название организации) Hidden
Corel Home Office - Templates1 (HKLM\...\{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}) (Version: 5.4.5 - Your Company Name) Hidden
Corel Home Office (HKLM\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.69.462 - Corel Corporation)
Corel Home Office (HKLM\...\{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office (HKLM\...\{670234D0-42BE-493E-B3EB-6B5275530461}) (Version: 5.5 - Corel Corporation) Hidden
CrystalDiskInfo 8.0.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (HKLM\...\{89D7DD37-5A15-46E0-9C3C-A0004C4F1A38}) (Version: 5.0.4.0 - Hewlett-Packard) Hidden
Drive Encryption for HP ProtectTools (HKLM\...\Drive Encryption) (Version: 5.0.4.0 - Hewlett-Packard)
ESET Smart Security (HKLM\...\{1365F53E-4615-4252-AE38-B33CF5DE3664}) (Version: 9.0.385.1 - ESET, spol. s r.o.)
Face Recognition for HP ProtectTools (HKLM\...\{CB65A1C3-533D-4EA6-82B5-FBA926F19079}) (Version: 2.01.651 - Hewlett-Packard) Hidden
Face Recognition for HP ProtectTools (HKLM\...\InstallShield_{CB65A1C3-533D-4EA6-82B5-FBA926F19079}) (Version: 2.01.651 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{871732B3-1EE5-4C54-8462-8BFF516880B7}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{0497B553-0E3F-4CCD-BE13-E28F1A54B318}) (Version: 3.5.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Power Assistant (HKLM\...\{EEB023B5-8EBE-4BEB-90C8-BDA16ABEDBB4}) (Version: 1.0.3.2 - Hewlett-Packard)
HP Power Data (HKLM\...\{E366F338-BF6E-4165-BDDB-3DCCB3388F9F}) (Version: 1.0.7.77 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.03.637 - Hewlett-Packard)
HP QuickLook (HKLM\...\{472FFCD7-A6B3-49ED-998F-6B8333D22390}) (Version: 3.2.0.14 - Hewlett-Packard)
HP QuickWeb (HKLM\...\{7861911B-4270-498A-8F7A-FCF0570F485D}) (Version: 1.0.1.53 - DeviceVM, Inc.)
HP Setup (HKLM\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{2712DAD6-C1F7-4295-B06E-17D6DC62EC20}) (Version: 3.5.13.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0189 (HKLM\...\{3BDB9B89-56B5-4953-B052-AEB75FCBFC93}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.3 - Hewlett-Packard Company)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.0 - Sonix)
HP Wireless Assistant (HKLM\...\{0279C882-B150-44B6-A769-A7C8A2F31CE3}) (Version: 4.0.3.2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6261.0 - IDT)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSGViewer version 1.8 (HKLM\...\{72F0165E-E966-4748-A3F9-8F3765D3345A}_is1) (Version: 1.8 - Redeye Labs)
Nástroj pro odesílání služby Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.112 - PDF Complete, Inc)
Pre-Boot Security for HP ProtectTools (HKLM\...\{3513DD3C-7680-4C7C-BF18-BA375D5F4132}) (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}) (Version: 5.01.734 - Hewlett-Packard)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype verze 8.15 (HKLM\...\Skype_is1) (Version: 8.15 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.1 - Synaptics Incorporated)
Theft Recovery (HKLM\...\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard) Hidden
Theft Recovery (HKLM\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard)
Validity Fingerprint Driver (HKLM\...\{5DCBD841-3768-4D3A-8517-65BFB87E05D3}) (Version: 4.0.10.0 - Validity Sensors, Inc.)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.4 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
CENZURA HD v. 2.9.9.42 (HKLM\...\CENZURA HD_is1) (Version: - YoutubeDownloaderHD.com)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{F7CDA8AA-403B-4520-84C4-224C7438D66C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-758666899-2211297156-3181642844-1002_Classes\CLSID\{CF4458EA-BFEC-4AD8-8E60-2679D8A01BAE}\InprocServer32 -> C:\windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2019-02-13] (Zemana Ltd. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-05-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-05-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2009-12-09] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2019-02-13] (Zemana Ltd. -> )
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-05-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01AC2339-7AD3-4960-A777-C5D58FF57CCD} - System32\Tasks\{05036262-C7FA-4E70-97A5-E9307F833EAA} => C:\windows\system32\pcalua.exe -a C:\Users\Žeryk\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Žeryk\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {57E2BC85-2EC5-4F06-8BAA-1FC34A7ECCFC} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Windows -> Microsoft Corporation)
Task: {5D227A70-78A3-495C-9E24-312DF38E63CE} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard -> Hewlett-Packard)
Task: {6220564E-ADEC-4E83-B111-3F23CB302EB6} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard -> Hewlett-Packard)
Task: {7898852F-8A8C-4092-A26B-2CEFFFE3F97E} - System32\Tasks\{9B99619D-38C3-4423-8EEE-B19267AAF893} => C:\windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {7D9C50F9-27B9-4E2F-921E-D06141F6159F} - System32\Tasks\{58B097F4-0353-40B2-956D-277677E57409} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HP Deskjet 3540 series.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {B981B699-452B-4878-8F51-C502CD4F4ED3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (Hewlett-Packard Company -> Microsoft)
Task: {F081655A-65B0-49D0-8C72-52BC4D5C2C05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe (Hewlett-Packard Company -> Microsoft)
Task: {F242E3A1-08A8-499C-AB16-F106F50317C5} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-12-11 20:20 - 2009-12-11 20:20 - 000648464 _____ () C:\windows\system32\SUPSDK.dll
2009-10-29 02:57 - 2009-10-29 02:57 - 000079360 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2018-11-20 02:11 - 2018-11-20 02:11 - 004310088 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2019-02-13 20:05 - 2019-02-13 20:05 - 000131952 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2009-12-16 23:48 - 2009-12-16 23:48 - 000052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2009-12-16 23:48 - 2009-12-16 23:48 - 000267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2009-12-16 23:48 - 2009-12-16 23:48 - 000055352 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 002121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 007745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 000135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2019-02-08 11:24 - 2019-01-24 11:09 - 002236232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2009-06-11 00:30 - 2009-06-11 00:30 - 000098304 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2016-07-27 19:02 - 2016-07-27 19:02 - 000270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-12-16 23:51 - 2009-12-16 23:51 - 000030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2009-12-16 23:51 - 2009-12-16 23:51 - 000052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2019-02-13 22:19 - 000000813 _____ C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;c:\Program Files\Hewlett-Packard\Drive Encryption;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-758666899-2211297156-3181642844-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Žeryk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F967DF88-1F39-4923-9412-114CC9AACDA0}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2285ED65-9D92-4FA7-A149-0719B63611EB}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CEEF2485-60D8-44DE-BAE8-7C4D6F87D79D}] => (Allow) LPort=5357
FirewallRules: [{EE3DCE2C-E94A-4F38-A23C-A9672BDE5E90}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{6AE90EF6-C050-492C-8118-E6E17831C5E8}C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{0ED9E340-B36D-449E-8EC4-48D5A3D83220}C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\žeryk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [{E84E9874-320F-4576-ADC1-BE332E95BC5D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{62B6E7E7-0264-43CC-93B3-C8EB27DFE98B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

13-02-2019 22:23:54 End of disinfection

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2019 10:17:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\CrystalDiskInfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/13/2019 11:00:13 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/13/2019 11:00:13 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/13/2019 11:00:13 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/13/2019 11:00:13 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (02/13/2019 11:00:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/13/2019 11:00:12 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/13/2019 11:00:12 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (02/14/2019 03:18:34 PM) (Source: DCOM) (EventID: 10016) (User: Žeryk-NB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D3DCB472-7261-43CE-924B-0704BD730D5F}
a APPID
{D3DCB472-7261-43CE-924B-0704BD730D5F}
uživateli Žeryk-NB\Žeryk SID (S-1-5-21-758666899-2211297156-3181642844-1002) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/14/2019 03:18:34 PM) (Source: DCOM) (EventID: 10016) (User: Žeryk-NB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{145B4335-FE2A-4927-A040-7C35AD3180EF}
a APPID
{145B4335-FE2A-4927-A040-7C35AD3180EF}
uživateli Žeryk-NB\Žeryk SID (S-1-5-21-758666899-2211297156-3181642844-1002) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2019 11:00:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/13/2019 11:00:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (02/13/2019 11:00:25 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas. při pokusu o spuštění služby WSearch s argumenty za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/13/2019 11:00:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/13/2019 11:00:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (02/13/2019 07:52:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
===================================
Date: 2018-08-07 04:35:17.069
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.273.806.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.15100.1
Kód chyby:0x80070070
Popis chyby:Na disku není dost místa.

CodeIntegrity:
===================================

Date: 2016-09-30 21:35:16.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.476
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.429
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.382
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.335
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.273
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.226
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-30 21:35:16.164
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\ZERYK\Programy\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 58%
Total physical RAM: 2997.88 MB
Available physical RAM: 1253.34 MB
Total Virtual: 5994.12 MB
Available Virtual: 3863.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:347.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.2 GB) FAT32

\\?\Volume{cba762ef-5423-11e6-8ae6-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS
\\?\Volume{cba762f1-5423-11e6-8ae6-806e6f6e6963}\ (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:6.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 58054A99)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Probable infection

Post by jaro3 » 14 Feb 2019 23:13

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-758666899-2211297156-3181642844-1002 -> {D6E2E2A4-33B1-417A-9FC6-B24993BE4800} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
Handler: WSKVAllmytubechrome - No CLSID Value –
CHR HKU\S-1-5-21-758666899-2211297156-3181642844-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

EmptyTemp:
End

(You can use the "Select all" function, then right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST and press the "Fix" button only once, then wait.
The tool will write a log to the desktop (Fixlog.txt); please copy its entire contents here.

R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [110520 2009-12-16] (CreateFileW function failed -> )

Does that SafeBoot work?

AVG PC TuneUp -- can it be uninstalled? Using Revo Uninstaller.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
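The following PowerShell script is an added, read-only check for the items the fixlist above targets; it is not part of the forum thread and is not FRST's own code. It lets the state be recorded before the "Fix" run and compared afterwards against Fixlog.txt. Assumptions: it is run from an elevated PowerShell prompt, the user SID is the one that appears in the fixlist, and that user's hive is loaded under HKEY_USERS (the user is logged on); the function names are invented for this example.

```powershell
# Added example (not from the thread or from FRST): read-only audit of the
# registry/service items listed in the fixlist, for a before/after comparison.
# Assumed: run elevated, user hive loaded, SID copied from the fixlist.
$sid = 'S-1-5-21-758666899-2211297156-3181642844-1002'

# 1. FRST's "no ServiceDLL" note: a service whose ImagePath is svchost.exe must
#    have HKLM\...\Services\<name>\Parameters\ServiceDll, otherwise svchost has
#    nothing to load and the entry is either broken or leftover.
function Test-ServiceDll {
    param([string]$Name)
    $svcKey = "HKLM:\SYSTEM\CurrentControlSet\Services\$Name"
    if (-not (Test-Path $svcKey)) { return "${Name}: service key not present" }
    $image = (Get-ItemProperty -Path $svcKey -ErrorAction SilentlyContinue).ImagePath
    $dll   = (Get-ItemProperty -Path "$svcKey\Parameters" -ErrorAction SilentlyContinue).ServiceDll
    if ($image -match 'svchost\.exe' -and -not $dll) {
        return "${Name}: svchost-hosted but no ServiceDll value (matches the FRST ATTENTION mark)"
    }
    return "${Name}: ImagePath=$image ServiceDll=$dll"
}

# 2. Driver whose file FRST could not open ("CreateFileW function failed"):
#    report whether the file exists on disk and what state the service is in.
function Test-DriverFile {
    param([string]$Name, [string]$Path)
    $exists = Test-Path -LiteralPath $Path
    $svc    = Get-Service -Name $Name -ErrorAction SilentlyContinue
    $state  = if ($svc) { $svc.Status } else { 'not registered' }
    return "${Name}: file present=$exists service=$state"
}

# 3. IE search scopes under a given hive path, so scopes with an empty URL or an
#    unexpected provider (the ones the fixlist removes) are visible at a glance.
function Get-SearchScopes {
    param([string]$HivePath)   # e.g. 'HKLM:\Software' or "Registry::HKEY_USERS\$sid\Software"
    $base = "$HivePath\Microsoft\Internet Explorer\SearchScopes"
    if (-not (Test-Path $base)) { return @() }
    Get-ChildItem -Path $base | ForEach-Object {
        $p = Get-ItemProperty -Path $_.PSPath
        [pscustomobject]@{ Scope = $_.PSChildName; Name = $p.DisplayName; URL = $p.URL }
    }
}

# 4. Chrome extensions registered for the user via the per-user Extensions
#    registry key (external-install entries), including their update URL.
function Get-UserChromeExtensions {
    param([string]$UserSid)
    $base = "Registry::HKEY_USERS\$UserSid\SOFTWARE\Google\Chrome\Extensions"
    if (-not (Test-Path $base)) { return @() }
    Get-ChildItem -Path $base | ForEach-Object {
        $p = Get-ItemProperty -Path $_.PSPath
        [pscustomobject]@{ Id = $_.PSChildName; UpdateUrl = $p.update_url; Path = $p.path }
    }
}

Test-ServiceDll -Name 'AppMgmt'
Test-DriverFile -Name 'SafeBoot' -Path "$env:SystemRoot\System32\Drivers\SafeBoot.sys"
Get-SearchScopes -HivePath 'HKLM:\Software' | Format-Table -AutoSize
Get-SearchScopes -HivePath "Registry::HKEY_USERS\$sid\Software" | Format-Table -AutoSize
Get-UserChromeExtensions -UserSid $sid | Format-Table -AutoSize
```

Run it once before creating fixlist.txt and once after the Fix completes; the entries the fixlist names should no longer appear in the second run, and any that do are worth mentioning alongside the Fixlog.txt contents.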

