Requesting a check

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

KamilaS
Level 3.5
Posts: 726
Registered: June 13
Location: Prague
Gender: Female
Status: Offline

Re: Requesting a check

Post by KamilaS » 20 Jan 2020 12:31

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  20.1.2020 12:28:26
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:31
Zkontrolované objekty    :  1283
Zjištěné objekty    :  6
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 7 x86
Procesor    :  2X Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Režim systému BIOS    :  Legacy
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  12A62EB1C4808F5E5A4F4F


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\pak\appdata\roaming\mozilla\firefox\profiles\gwv8564l.default\extensions\{1268dd7d-073e-4bf1-81dc-f1bb0f4f0c2e}.xpi
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:FirefoxPlugin/{1268dd7d-073e-4bf1-81dc-f1bb0f4f0c2e}
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  https://pc-help.cnews.cz/viewtopic.php?f
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/FirefoxHomepage
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  764E5BFE4F72A580068478E6AEEB498A
Stav    :  Zkontrolováno
Objekt    :  c:\program files\adobe\acrobat reader dc\reader\air\nppdf32.dll
Vydavatel    :  Adobe Inc.
Velikost    :  267824
Odhalení    :  Suspicious:SRC!R
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  3FF5D044E56F2DC564F679E1557D25BE
Stav    :  Zkontrolováno
Objekt    :  c:\program files\common files\adobe\arm\1.0\armsvc.exe
Vydavatel    :  Adobe Inc.
Velikost    :  88136
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  2D6C4AC99DCFD1F5873F47F4164E8091
Stav    :  Zkontrolováno
Objekt    :  c:\program files\bravesoftware\brave-browser\application\79.1.2.43\installer\chrmstp.exe
Vydavatel    :  
Velikost    :  2027008
Odhalení    :  Suspicious:SRC!R
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  943A2641F191BB95AFF21AD102517CB8
Stav    :  Zkontrolováno
Objekt    :  c:\program files\common files\adobe\acrobat\activex\acropdf.dll
Vydavatel    :  Adobe Inc.
Velikost    :  506416
Odhalení    :  Suspicious:SRC!R
Akce    :  Karanténa
-----------------------------------------------------------------------
I'm a noob, but I try hard :D


Re: Requesting a check

Post by KamilaS » 20 Jan 2020 12:33

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:14, on 20.1.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19326)

FIREFOX: 72.0.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\system32\conhost.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\Avira\Antivirus\avgnt.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PaK\Desktop\léčící software\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: Smart Recovery 2 - {a011d643-4a67-4934-a775-46139847d7f2} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
O4 - HKLM\..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avwebg7.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Služba Aktualizace Brave (brave) (brave) - BraveSoftware Inc. - C:\Program Files\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Služba Aktualizace Brave (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Unknown owner - C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe (file missing)

--
End of file - 6235 bytes

Re: Requesting a check

Post by KamilaS » 20 Jan 2020 12:35

May I ask, can you see anywhere in there whether I have something installed incorrectly? I wiped Windows and reinstalled it without the original CD, and I don't know whether it might be misbehaving because of some error.
Thank you
jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Requesting a check

Post by jaro3 » 20 Jan 2020 18:54

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe


We can also try FRST.

Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit):
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Requesting a check

Post by KamilaS » 21 Jan 2020 09:50

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-01-2020
Ran by PaK (21-01-2020 09:48:10)
Running from C:\Users\PaK\Desktop\léčící software
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-11-14 10:57:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1058406970-3274726358-2704053483-500 - Administrator - Disabled)
Guest (S-1-5-21-1058406970-3274726358-2704053483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1058406970-3274726358-2704053483-1002 - Limited - Enabled)
PaK (S-1-5-21-1058406970-3274726358-2704053483-1000 - Administrator - Enabled) => C:\Users\PaK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
4K Video Downloader 4.9 (HKLM\...\{66A3F673-6062-4616-94B3-52F0F56E7DB8}) (Version: 4.9.2.3082 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.314 - Adobe)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Aimersoft Helper Compact 2.5.2 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
AutoGreen B10.1021.1 (HKLM\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden
AutoGreen B10.1021.1 (HKLM\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
Avira (HKLM\...\{00BC4EC0-D21B-444F-9DF9-51E60BF71EFB}) (Version: 1.2.142.15897 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM\...\{8c081090-e39c-462d-8d04-49136b93ff98}) (Version: 1.2.142.15897 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Brave (HKLM\...\BraveSoftware Brave-Browser) (Version: 79.1.2.43 - Autoři prohlížeče Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Easy Tune 6 B11.0309.1 (HKLM\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B11.0309.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
FastStone Image Viewer 6.7 (HKLM\...\FastStone Image Viewer) (Version: 6.7 - FastStone Soft)
FormatFactory 4.9.0.0 (HKLM\...\FormatFactory) (Version: 4.9.0.0 - Free Time)
Free One Click ZIP & RAR Wizard (HKLM\...\Free One Click ZIP & RAR Wizard2.0) (Version: 2.0 - Simply Free Software)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Icecream PDF Converter verze 2.86 (HKLM\...\{6811A286-E9F4-4035-9738-7721C087E500}_is1) (Version: 2.86 - Icecream Apps)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.473 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810 (HKLM\...\{7FED75A1-600C-394B-8376-712E2A8861F2}) (Version: 14.12.25810 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810 (HKLM\...\{828952EB-5572-3666-8CA9-000B6CE79350}) (Version: 14.12.25810 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 72.0.1 (x86 en-US)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenOffice 4.1.6 (HKLM\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
qBittorrent 4.1.9.1 (HKLM\...\qBittorrent) (Version: 4.1.9.1 - The qBittorrent project)
RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 7 - Philipp Winterberg)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Skype verze 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Skype™ 7.41 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.41.101 - Skype Technologies S.A.)
Smart 6 B10.1221.1 (HKLM\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Splashtop Connect for Firefox (HKLM\...\{D2BF4F2C-BDF3-41C3-8D38-185F6342EC47}) (Version: 1.1.6.3 - Splashtop Inc.)
Splashtop Connect IE (HKLM\...\{418D77E2-7B60-48F8-B016-30A32699EE74}) (Version: 1.1.10.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO Media Player 1.6.19.528 (HKLM\...\{59F1E8E6-60EC-4CC1-8C72-E0F38E585215}_is1) (Version: 1.6.19.528 - VSO Software)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Zemana AntiMalware verze 3.1.495 (HKLM\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana\AntiMalware\AM_ShellExt32.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [CopyToCD] -> {39F0FA09-4451-4477-9D23-4B9ADDEEF838} => C:\Program Files\VSO\common\CTShell.dll [2013-06-05] (VSO-SOFTWARE -> VSO Software SARL)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_106.dll [2019-09-25] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [CopyToCD] -> {39F0FA09-4451-4477-9D23-4B9ADDEEF838} => C:\Program Files\VSO\common\CTShell.dll [2013-06-05] (VSO-SOFTWARE -> VSO Software SARL)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_106.dll [2019-09-25] (Free Time) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana\AntiMalware\AM_ShellExt32.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [CopyToCD] -> {39F0FA09-4451-4477-9D23-4B9ADDEEF838} => C:\Program Files\VSO\common\CTShell.dll [2013-06-05] (VSO-SOFTWARE -> VSO Software SARL)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\PaK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Brave\Youtube to MP3 Converter - MP3 Youtub.._.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=kkddhadknoificigicpeboimeknonhjn
ShortcutWithArgument: C:\Users\PaK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/redire ... em=gbbcu01^&os=Windows^&p=H61M-D2-B3^&pv=1.1.10^&v=4^&flv=^&c=1029^&t=d41d8cd98f00b204e9800998ecf8427e^&l=cs-CZ"

==================== Loaded Modules (Whitelisted) =============

2019-11-12 20:23 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2019-11-12 20:23 - 2016-10-08 17:03 - 001506304 _____ () [File not signed] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2018-11-14 12:08 - 2010-11-05 23:50 - 000058880 _____ () [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2019-05-21 17:43 - 2019-05-21 17:43 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1236939c581ddfd4a223ef05a487476b\IsdiInterop.ni.dll
2018-11-14 12:08 - 2010-10-05 20:43 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2018-11-26 19:21 - 2018-05-14 22:34 - 000023040 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\Windows\System32\mpelocalmon.dll
2018-11-14 12:13 - 2010-08-05 10:33 - 000166400 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Recovery\RescuePlan.dll
2018-11-14 12:13 - 2010-08-05 10:33 - 000608256 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Recovery\srpCore.dll
2018-11-14 12:13 - 2010-10-19 18:30 - 000249856 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\BPassDLL.dll
2018-11-14 12:13 - 2009-10-13 16:35 - 000204800 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\slmDB.dll
2018-11-14 12:13 - 2009-10-13 16:35 - 000122880 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\slmSecret.dll
2018-11-14 12:13 - 2009-10-13 16:35 - 000110592 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\slmWeekCtrlRule.dll
2018-11-14 12:13 - 2009-10-13 16:35 - 000155648 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\SmartLock.dll
2019-05-21 17:43 - 2019-05-21 17:43 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0c56ff8fdb2ca57486836ef213aa161a\IAStorCommon.ni.dll
2018-11-14 12:08 - 2010-10-05 20:38 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2018-11-14 12:08 - 2010-11-05 23:50 - 000006656 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2018-11-14 12:08 - 2010-11-05 23:50 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2018-11-14 12:08 - 2010-11-05 23:50 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2018-11-14 12:08 - 2010-11-05 23:50 - 000164864 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2018-11-14 12:08 - 2010-11-05 23:50 - 001109504 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2018-11-14 12:08 - 2010-11-05 23:46 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2019-05-21 17:43 - 2019-05-21 17:43 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\ad816797bbf67310948231ce351ccd44\IAStorDataMgr.ni.dll
2019-05-21 17:43 - 2019-05-21 17:43 - 000475648 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ae6921cb4abb593427cd4cbfbd11cd89\IAStorUtil.ni.dll
2018-03-26 11:58 - 2018-03-26 11:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2018-11-23 11:08 - 2018-11-23 11:08 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2018-11-20 19:25 - 2018-11-20 19:25 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2018-11-17 17:01 - 2018-03-24 00:05 - 000320032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr.dll
2019-11-12 20:23 - 2016-10-08 17:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2020-01-20 11:54 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PaK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6C92522A-6825-493A-9F42-804FE785273D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4654F474-B8DE-4129-9F8D-754AE51C06E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2B4D2EDF-B47E-426C-93A3-74236EBC5F90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6F3C5CF9-5D42-49EF-88BC-ED7D74430B80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{603F0336-9B40-41AA-B04F-36733DFB9272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B73056E2-DDA6-4F27-BD85-B03D2CEA23DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B2CB128-9F01-42DA-89C4-FC39AEB1D456}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CA8D5882-9460-49E7-BCDB-68FDD3C24BAA}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{961C8A60-5CD3-4113-96C4-CA5E1FFC21EF}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9A428622-27B8-4F52-B852-79797BD5F997}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{7C064A8F-1465-4629-9F38-D1F0BBF5EFAD}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95FD47F2-FCC3-49A3-9E00-6B3D929F9F21}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15A19FD8-00B5-41A4-AD17-BFC3B17F8CFC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3BE52E95-B99E-49DA-9043-47CFA4A480B4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B0E80F14-E159-49EA-BB93-B58EAFED2440}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{82A3619B-290E-46AF-8636-82E7DF68D209}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{69244321-E1FF-4C0C-BC8D-4F43D38E6316}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{D2E16D62-9F1C-4F3A-AF97-38D6160FE340}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{DF81666F-DE00-478B-B972-DEB9A75ADE73}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9B67E84E-5B67-4E8A-877D-124E99891F6D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2FFB8E6D-80DF-4C9A-9853-E55766F888D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA1494AB-3FA1-46FE-B00B-D839A5D8E7E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{03AC5FEF-EEDC-4402-8F6D-FF134FEE87C8}C:\users\pak\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{DD21C9B8-63F5-40A6-B2E5-DE1BA62B59C3}C:\users\pak\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{44400513-633B-4308-A797-78EACC724B65}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{E7A756CD-AE3A-4E5F-BF77-31C2CA9E112E}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{A562A199-BE32-4E22-ADDA-8A53C84C236D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{F2A13D48-DE8D-410C-954A-23762E59034F}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{24946401-C4C9-4C1F-8197-054F3644B9B3}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3C98C992-07A8-4CFD-A02A-8DE354BA7E9A}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{3720888C-568E-45D7-8CA3-E49A5D136CC8}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{DA7A8AE5-7DF0-44DF-A6AF-588B10018EAC}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{456033DC-A58E-4AE7-9082-4363CE3F0B98}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{2BFA4E40-9406-4565-AEC7-1A5AF1433A1E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{95404379-3F45-4AA4-A408-D0D141D730F7}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{155F4B55-FD19-4217-B450-CDEEB1B81CA4}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC523FC0-1A17-486C-8CDF-DE923078C859}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

04-01-2020 11:32:05 Naplánovaný kontrolní bod
11-01-2020 12:17:12 Naplánovaný kontrolní bod
19-01-2020 12:29:25 JRT Pre-Junkware Removal
19-01-2020 12:33:34 Installed Sophos Virus Removal Tool.
20-01-2020 10:57:07 zoek.exe restore point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/21/2020 09:18:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/20/2020 08:09:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\PaK\Desktop\léčící software\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/20/2020 12:20:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/20/2020 11:14:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/20/2020 10:57:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Parametr není správný.
.

Error: (01/19/2020 07:24:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\PaK\Desktop\léčící software\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/19/2020 07:09:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 6.1.7601.23403 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 19c8

Čas spuštění: 01d5cef35d5e52e3

Čas ukončení: 31

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: d5256777-3ae6-11ea-a959-1c6f65cf5f6b

Error: (01/19/2020 07:07:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23403 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 770

Čas spuštění: 01d5cebae09d2796

Čas ukončení: 47

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 978252dc-3ae6-11ea-a959-1c6f65cf5f6b


System errors:
=============
Error: (01/21/2020 09:48:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/21/2020 09:48:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/21/2020 09:32:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/21/2020 09:32:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/21/2020 09:24:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/21/2020 09:24:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/21/2020 09:20:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/21/2020 09:20:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F6 ZA 05/26/2011
Motherboard: Gigabyte Technology Co., Ltd. H61M-D2-B3
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 53%
Total physical RAM: 3319.42 MB
Available physical RAM: 1549.84 MB
Total Virtual: 6637.21 MB
Available Virtual: 4242.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:699.9 GB) NTFS

\\?\Volume{bab403c5-e7fa-11e8-ac51-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AF6E1142)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
I'm a noob, but I try hard :D


Re: please check

Post by KamilaS » 21 Jan 2020 09:50

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-01-2020
Ran by PaK (administrator) on PAK-PC (ATComputers COMFOR BOXER I+) (21-01-2020 09:47:00)
Running from C:\Users\PaK\Desktop\léčící software
Loaded Profiles: PaK (Available Profiles: PaK)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files\BraveSoftware\Update\1.3.99.0\BraveCrashHandler.exe
(Giga-Byte Technology -> Gigabyte Technology CO.) [File not signed] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\SMART6\timelock\AlarmClock.exe
(Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation -> Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [STCAgent] => "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe"
HKLM\...\Run: [ZyngaGamesAgent] => "C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [229080 2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [1750528 2010-08-24] (Gigabyte Technology CO., LTD.) [File not signed]
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Run: [] => [X]
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2973184 2016-03-25] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0242A657-E2D3-4A59-A831-0FD6E68C0627} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {0EB772BB-465E-4CE9-91F6-904724C941FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-15] (Adobe Inc. -> Adobe)
Task: {0FA11C0F-50C0-42D2-8545-8F5EDEF8DF52} - System32\Tasks\{ED6F97A0-14F7-4F63-861F-FB5FD1230DFF} => C:\Users\PaK\Desktop\zoek.exe
Task: {194A7AFF-2E53-487A-ACCB-7971ECFD7E9A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F4EB8D2-05B6-48AB-BA3B-3A6E1657AD6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {2055EDDB-7E8E-4AC2-8182-0CB94F1ECEFA} - System32\Tasks\{BB1854C4-A8BF-4286-ABCD-6159EF9A455C} => C:\Users\PaK\Desktop\zoek.exe
Task: {23363D22-5826-4737-97EA-751E1A569760} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {293D963D-1BE7-4231-AA68-975A19EAE70A} - System32\Tasks\{9D2A46FA-6AD6-48A9-B375-3D366FACDA8F} => C:\Users\PaK\Desktop\zoek.exe
Task: {2AA341A3-8852-44DE-9D9E-4725117919AB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35F3638A-462F-44A8-A5A8-7E1EBDF6EA73} - System32\Tasks\{E0B05C0C-9B87-443C-8156-1B2D3B4C16E2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Duplicate Files Finder\uninstall.exe" -d "C:\Program Files\Duplicate Files Finder"
Task: {3C028E5E-7F41-46AC-B266-A904251DF174} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {44B0340C-87EC-4841-B9D5-222D88D65FD5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {487C9637-DBBB-4884-954B-A8FC862C3E5C} - System32\Tasks\AMHelper => C:\Program Files\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {4C7E6AE9-53E4-43B3-9568-3BAA5E5B12B0} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4E69D7DD-F799-4B3A-A221-377D1D8D81B0} - System32\Tasks\{E02A8F61-C05A-4C5E-A3A6-3736066049A5} => C:\Users\PaK\Desktop\zoek.exe
Task: {4F62069D-D049-4B94-B70F-9A155B83196E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-15] (Adobe Inc. -> Adobe)
Task: {7A50E66E-6EFF-4777-ADAF-7C81693AE7F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88135125-A28F-45AF-9795-5DA589BB7C0C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {966AFD09-6C2A-48BB-B136-035939A44D48} - System32\Tasks\{8CEF33F8-41F4-49DC-A439-A9E20159AE9E} => C:\Users\PaK\Desktop\zoek.exe
Task: {9785FB06-B2F5-42FC-833F-62E41B47F90D} - System32\Tasks\{02EB4B8E-4CEB-4018-ADA0-C0963D714F44} => C:\Users\PaK\Desktop\zoek.exe
Task: {9A6BE27A-18AF-4CDD-AD46-78BB5266F7C2} - System32\Tasks\{B7450093-7FDE-4374-ACBB-DE9D3287385C} => C:\Users\PaK\Desktop\zoek.exe
Task: {A506C2CF-5343-47A0-B9AD-1B8480FBDEAB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {B2C60060-B36E-4324-B3F5-C7F82699E9ED} - System32\Tasks\{AFCF4D10-BE58-4F93-A404-8DC9BA1B2D57} => C:\Users\PaK\Desktop\zoek.exe
Task: {BCA12C00-8A34-4306-9B78-120D40B66D4F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8ADE8DC-A04F-44BF-B7E4-D01941412E9C} - System32\Tasks\{FA1EF5CB-A759-4F29-8319-AB3388D6AB9D} => C:\Users\PaK\Desktop\zoek.exe
Task: {D29EEE62-45E3-4ECE-A6E2-9C4C261E6776} - System32\Tasks\{603048A8-B27F-4D03-8F14-65370DF0AE8A} => C:\Users\PaK\Desktop\zoek.exe
Task: {D3CB0874-3F45-4F9B-9D35-4371BE9843FC} - System32\Tasks\{7D26F68D-B406-4AD6-ABA5-6909A49BFB78} => C:\Users\PaK\Desktop\zoek.exe
Task: {E42F1F28-E4D1-410C-87EE-FC9947E522C7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E75AE080-D67E-4F40-93FB-88CE9AE68B81} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_314_pepper.exe [1453112 2020-01-15] (Adobe Inc. -> Adobe)
Task: {FDFE28A7-6FE0-4788-B96E-EF09D6CAE5E0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{4646D015-37E7-450E-94B7-370C1808AD96}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
Toolbar: HKLM - Smart Recovery 2 - {a011d643-4a67-4934-a775-46139847d7f2} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: gwv8564l.default
FF ProfilePath: C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default [2020-01-21]
FF DownloadDir: C:\Users\PaK\Desktop\léčící software
FF NewTab: Mozilla\Firefox\Profiles\gwv8564l.default -> about:newtab
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-01-15]
FF Extension: (To Google Translate) - C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-01-19]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-01-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-15] (Adobe Inc. -> )
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-18] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-18] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1210168 2019-12-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [567872 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [614928 2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 brave; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5570712 2020-01-18] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 WCUService_STC_FF; C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [208824 2020-01-20] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] (Giga-Byte Technology -> )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [156160 2019-12-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [171568 2019-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36688 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60360 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [33280 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 gdrv; C:\Windows\gdrv.sys [17488 2020-01-21] (Giga-Byte Technology -> Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2018-11-17] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28608 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [51136 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-21 09:46 - 2020-01-21 09:47 - 000000000 ____D C:\FRST
2020-01-20 20:06 - 2020-01-19 20:05 - 000050169 _____ C:\Users\PaK\Desktop\'s Legends of Tomorrow - 05x00 - Crisis on Infinite Earths_ Part Five.sva.srt
2020-01-20 19:58 - 2020-01-20 19:58 - 000032045 _____ C:\Users\PaK\Desktop\dopis pro p.Mikulenkovou.pdf
2020-01-20 19:57 - 2020-01-20 19:57 - 000015466 _____ C:\Users\PaK\Desktop\Bez názvu 1.odt
2020-01-20 19:57 - 2020-01-20 19:57 - 000000000 ____D C:\Users\PaK\AppData\Local\CrashRpt
2020-01-20 12:25 - 2020-01-20 12:29 - 000000000 ____D C:\Users\PaK\AppData\Local\AMSDK
2020-01-20 12:25 - 2020-01-20 12:25 - 000208824 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-01-20 12:25 - 2020-01-20 12:25 - 000003458 _____ C:\Windows\system32\Tasks\AMHelper
2020-01-20 12:25 - 2020-01-20 12:25 - 000002000 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-01-20 12:25 - 2020-01-20 12:25 - 000002000 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-01-20 12:25 - 2020-01-20 12:25 - 000000000 ____D C:\Users\PaK\AppData\Local\Zemana
2020-01-20 12:25 - 2020-01-20 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-01-20 12:25 - 2020-01-20 12:25 - 000000000 ____D C:\Program Files\Zemana
2020-01-20 12:15 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-01-20 10:54 - 2020-01-20 12:09 - 000000000 ____D C:\zoek_backup
2020-01-19 16:21 - 2020-01-19 16:21 - 000000000 ____D C:\Users\PaK\Desktop\Smart
2020-01-19 12:34 - 2020-01-19 12:34 - 000000000 ____D C:\ProgramData\Sophos
2020-01-19 12:33 - 2020-01-19 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-01-19 12:33 - 2020-01-19 12:33 - 000000000 ____D C:\Program Files\Sophos
2020-01-19 12:30 - 2020-01-19 12:30 - 000002091 _____ C:\Users\PaK\Desktop\JRT.txt
2020-01-18 14:01 - 2020-01-20 10:39 - 000000000 ____D C:\Users\PaK\AppData\Local\Adobe
2020-01-17 12:16 - 2020-01-17 12:16 - 000000000 ____D C:\Users\PaK\AppData\Local\Aimersoft
2020-01-17 11:59 - 2020-01-19 12:22 - 000000000 ____D C:\AdwCleaner
2020-01-17 11:50 - 2020-01-21 09:47 - 000000000 ____D C:\Users\PaK\Desktop\léčící software
2020-01-16 20:52 - 2020-01-16 20:52 - 000096105 _____ C:\Users\PaK\Downloads\01-mesic-rebelove-piano-reduction.pdf
2020-01-16 14:46 - 2019-05-01 08:10 - 000037888 _____ C:\Users\PaK\Desktop\-životopis.pdf
2020-01-16 13:25 - 2020-01-16 13:25 - 000071346 _____ C:\Users\PaK\Desktop\Curriculum Vitae (January 2020).pdf
2020-01-16 11:59 - 2020-01-16 13:24 - 000019237 _____ C:\Users\PaK\Desktop\Curriculum Vitae (January 2020).odt
2020-01-15 21:51 - 2020-01-15 21:51 - 000021048 _____ C:\Users\PaK\Downloads\129276-arrow-s08e08-[English-subtitles.org].zip
2020-01-15 21:51 - 2020-01-15 12:58 - 000053908 ____N C:\Users\PaK\Downloads\Arrow - 08x08 - Crisis on Infinite Earths_ Part Four.SVA.English.HI.C.orig.Addic7ed.com.srt
2020-01-15 21:50 - 2020-01-15 21:51 - 311080192 _____ C:\Users\PaK\Downloads\Arrow.S08E08.HDTV.x264-SVA.mkv
2020-01-15 20:58 - 2020-01-15 20:59 - 408608749 _____ C:\Users\PaK\Downloads\the.flash.2014.s06e09.web.h264-trump.mkv
2020-01-15 12:41 - 2020-01-15 12:41 - 000388608 _____ (Trend Micro Inc.) C:\Users\PaK\Downloads\HijackThis.exe
2020-01-12 13:20 - 2020-01-12 13:20 - 000402244 _____ C:\Users\PaK\Desktop\Fonetika-pro-uchazeče.pdf
2020-01-09 20:02 - 2020-01-09 20:02 - 000000000 ____D C:\Users\PaK\Downloads\Pooh 1971-1974
2020-01-09 19:35 - 2020-01-09 19:35 - 001200339 _____ C:\Users\PaK\Downloads\Geraldine Corley_protected.pdf
2020-01-09 15:18 - 2020-01-09 15:18 - 000520054 _____ C:\Users\PaK\Downloads\Zpráva_o_stavu_planety_III___Antropocen.tif
2020-01-08 11:15 - 2020-01-08 11:15 - 008059187 _____ C:\Users\PaK\Downloads\brozura-tf-cz-2019.pdf
2020-01-07 20:34 - 2020-01-05 18:27 - 000044825 _____ C:\Users\PaK\Downloads\The.Flash.2014.S06E09.HDTV.x264-PHOENiX.srt
2020-01-07 20:34 - 2020-01-05 18:27 - 000044825 _____ C:\Users\PaK\Downloads\The.Flash.2014.S06E09.Crisis.on.Infinite.Earths.Part.3.REPACK.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb.srt
2020-01-07 20:34 - 2020-01-05 18:27 - 000044825 _____ C:\Users\PaK\Downloads\The.Flash.2014.S06E09.1080p.WEB.h264-TRUMP.srt
2020-01-07 20:34 - 2020-01-05 18:27 - 000044825 _____ C:\Users\PaK\Downloads\The.Flash.2014.S06E09.1080p.HDTV.x264-CRAVERS.srt
2020-01-07 20:34 - 2019-12-24 18:31 - 000042414 _____ C:\Users\PaK\Downloads\Batwoman S01E09.srt
2020-01-07 20:22 - 2020-01-07 20:22 - 000073421 _____ C:\Users\PaK\Downloads\The.Flash.2014.S06E09.zip
2020-01-06 19:30 - 2020-01-06 19:30 - 001726189 _____ C:\Users\PaK\Downloads\Catherine O'Hara_protected.pdf
2020-01-01 17:58 - 2020-01-01 17:58 - 000000000 ____D C:\Users\PaK\Downloads\Petr Hapka - Panna A Netvor (DVBS-Luco)
2019-12-24 18:32 - 2019-12-24 18:33 - 257456709 _____ C:\Users\PaK\Downloads\Batwoman.S01E09.HDTV.x264-SVA.mkv
2019-12-24 18:31 - 2019-12-24 18:31 - 000018748 _____ C:\Users\PaK\Downloads\Batwoman-S01E09(0000321875).zip
2019-12-24 18:24 - 2019-12-24 18:25 - 737880064 _____ C:\Users\PaK\Downloads\K-PAX - Svět podle Prota.avi
2019-12-24 12:00 - 2019-12-24 12:00 - 000687794 _____ C:\Users\PaK\Downloads\Young, Lucy & Nicholas Family.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-21 09:47 - 2019-06-05 22:41 - 000053017 _____ C:\Windows\ZAM.krnl.trace
2020-01-21 09:42 - 2018-11-14 13:21 - 000000000 ____D C:\Users\PaK\AppData\LocalLow\Mozilla
2020-01-21 09:31 - 2009-07-14 05:34 - 000021968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-21 09:31 - 2009-07-14 05:34 - 000021968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-21 09:19 - 2018-11-14 13:01 - 000017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2020-01-21 09:18 - 2018-11-17 17:00 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-21 09:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-20 21:36 - 2018-12-03 18:25 - 000000000 ____D C:\Users\PaK\Documents\ŽIVOTOPISY MAMKA
2020-01-20 20:51 - 2019-02-23 21:08 - 000000000 ____D C:\Users\PaK\AppData\Roaming\vlc
2020-01-20 10:53 - 2019-06-09 15:17 - 000000000 ____D C:\Users\PaK\Desktop\ŽIVOTOPISOVÝ VĚCI
2020-01-19 13:39 - 2019-06-04 18:42 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-18 19:53 - 2019-11-11 23:12 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-01-18 14:08 - 2019-06-18 20:10 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-01-16 10:21 - 2019-06-22 18:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-16 10:21 - 2019-05-10 12:12 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-15 11:40 - 2018-11-23 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-01-15 11:05 - 2019-12-03 17:58 - 000004366 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-15 11:05 - 2019-11-18 19:58 - 000004490 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-15 11:05 - 2019-05-24 15:55 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-01-15 11:05 - 2019-05-24 15:55 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-01-15 11:05 - 2019-05-24 15:55 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-15 10:18 - 2019-05-24 15:55 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-14 21:28 - 2018-11-19 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-09 20:07 - 2019-07-30 10:10 - 000000000 ____D C:\Users\PaK\AppData\Roaming\uTorrent
2020-01-08 12:31 - 2018-11-19 19:23 - 000003268 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-01-03 22:15 - 2019-06-06 10:09 - 000000000 ____D C:\Users\PaK\AppData\Local\CrashDumps
2020-01-03 21:45 - 2018-12-28 13:49 - 000000000 ____D C:\Users\PaK\AppData\Local\Spotify
2020-01-03 21:43 - 2018-12-28 13:49 - 000000000 ____D C:\Users\PaK\AppData\Roaming\Spotify
2019-12-24 19:59 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2019-12-24 11:03 - 2019-01-17 13:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2018-11-14 12:11 - 2018-11-14 12:11 - 000001970 _____ () C:\Program Files\ET6.lnk
2018-11-14 12:13 - 2018-11-14 12:13 - 000000784 _____ () C:\Program Files\smart6.lnk
2019-02-26 15:57 - 2019-02-26 15:57 - 000002292 _____ () C:\Users\PaK\AppData\Roaming\ASSDraw3.cfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-19 14:22
==================== End of FRST.txt ========================
I'm a noob, but I try hard :D

jaro3
Security team member

Re: please check

Post by jaro3 » 21 Jan 2020 18:04

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2973184 2016-03-25] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
CHR HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

EmptyTemp:
End

(You can use the "select all" function; right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button just once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

Error: (01/19/2020 07:24:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\PaK\Desktop\léčící software\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (01/19/2020 07:09:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 6.1.7601.23403 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
Error: (01/21/2020 09:48:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/21/2020 09:48:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


Opening Event Viewer
Event Viewer is an advanced tool that displays detailed information about significant events on the computer. It can help when troubleshooting problems and errors in Windows and other programs.

Open Event Viewer by clicking the Start button, clicking Control Panel, clicking System and Maintenance, clicking Administrative Tools, and then double-clicking Event Viewer. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Note
There is another way to open Event Viewer: click the Start button. In the Search box, type Event Viewer, and in the list of results double-click Event Viewer.

Event log
Control Panel -> Administrative Tools -> Event Viewer -> Windows Logs -> right-click the System log, choose Save All Events As and save it as an .evtx file. Upload it to http://www.leteckaposta.cz
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

KamilaS

Re: please check

Post by KamilaS » 22 Jan 2020 09:39

Fix result of Farbar Recovery Scan Tool (x86) Version: 18-01-2020
Ran by PaK (22-01-2020 09:30:27) Run:1
Running from C:\Users\PaK\Desktop\léčící software
Loaded Profiles: PaK (Available Profiles: PaK)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2973184 2016-03-25] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
CHR HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\shell" => removed successfully.
"HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully.
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5688C4ED-E227-4840-9A2B-7AC106EAC299} => removed successfully.
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Google\Chrome\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61538612 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 912 B
Edge => 0 B
Chrome => 0 B
Firefox => 1128892051 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 128 B
NetworkService => 128 B
PaK => 901218 B

RecycleBin => 43429036 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:33:41 ====

jaro3
Security team member

Re: please check

Post by jaro3 » 22 Jan 2020 17:53

When I have time, I'll look at the log.

Also:
Memtest 86
http://www.memtest86.com/
Click Free Download on the left and choose:
ISO image for creating bootable CD (Windows - zip), download it, unpack it, open it, and burn it, for example with this program:
http://www.slunecnice.cz/sw/active-iso-burner/
Insert it into the drive and boot from it.
Run the test for at least 8 h (overnight).

http://www.memtest86.com/download.htm
http://www.eopcservis.cz/jak-otestovat-ram.html
http://www.memtest86.com/download.htm
For USB:
http://www.memtest86.com/downloads/memt ... sb.img.zip

