Please check my log (Solved)



Post by jaro3 » 21 Jun 2018 21:34

OK..

One more thing:
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum


Post by OTAS » 22 Jun 2018 12:04

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2018-06-22 12:01:43
-----------------------------
12:01:43.953 OS Version: Windows x64 6.1.7601 Service Pack 1
12:01:43.953 Number of processors: 4 586 0x3A09
12:01:43.954 ComputerName: OTTO-PC UserName: Otto
12:01:45.008 Initialize success
12:01:45.014 VM: initialized successfully
12:01:45.015 VM: Intel CPU BiosDisabled
12:01:57.845 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:01:57.845 Disk 0 Vendor: WDC_WD5000AAKX-00ERMA0 15.01H15 Size: 476940MB BusType: 3
12:01:58.017 Disk 0 MBR read successfully
12:01:58.017 Disk 0 MBR scan
12:01:58.017 Disk 0 Windows 7 default MBR code
12:01:58.017 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:01:58.032 Disk 0 Boot: NTFS code=2
12:01:58.032 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
12:01:58.048 Disk 0 scanning C:\Windows\system32\drivers
12:02:09.233 Service scanning
12:02:14.693 Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
12:02:49.091 Modules scanning
12:02:49.091 Disk 0 trace - called modules:
12:02:49.122 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
12:02:49.122 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004933060]
12:02:49.122 3 CLASSPNP.SYS[fffff88001c1643f] -> nt!IofCallDriver -> [0xfffffa80042d7520]
12:02:49.138 5 ACPI.sys[fffff88000f597a5] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80041e2060]
12:02:49.138 Disk 0 statistics 112722/0/0 @ 4,93 MB/s
12:02:49.138 Scan finished successfully
12:03:19.464 Disk 0 MBR has been saved successfully to "C:\Users\Otto\Desktop\MBR.dat"
12:03:19.574 The log file has been saved successfully to "C:\Users\Otto\Desktop\aswMBR.txt"


Post by OTAS » 22 Jun 2018 12:56

I can't copy the CrystalDiskInfo log, so I'm sending a picture as an attachment.
Attachments
Výstřižek.PNG 2.PNG


Post by OTAS » 22 Jun 2018 12:57

I also defragmented the disk.


Post by OTAS » 22 Jun 2018 18:33

Memtest: I ran the test 3 times and the result was always the same as in the picture.
Attachments
Výstřižek.PNG


Post by jaro3 » 22 Jun 2018 19:04

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit):
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs, FRST.txt and Addition.txt, will appear and be saved on the desktop. Please copy their entire contents here.


Post by OTAS » 22 Jun 2018 21:03

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Otto (22-06-2018 21:02:10)
Running from C:\Users\Otto\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-03-24 17:03:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2781758306-2679381193-3636559717-500 - Administrator - Disabled)
Guest (S-1-5-21-2781758306-2679381193-3636559717-501 - Limited - Disabled)
Otto (S-1-5-21-2781758306-2679381193-3636559717-1000 - Administrator - Enabled) => C:\Users\Otto
UpdatusUser (S-1-5-21-2781758306-2679381193-3636559717-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version: - )
4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
ANT Drivers Installer x64 (HKLM\...\{0919C970-C55E-4322-AD6E-D561EC8C01EC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apowersoft Video Konvertor V4.7.2 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.2 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 19 (HKLM-x32\...\{91B33C97-BA3F-5C99-C2A6-0EB17CC9054B}_is1) (Version: 19.0.1 - Ashampoo GmbH & Co. KG)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.22.1011 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CrystalDiskInfo 7.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.1 - Crystal Dew World)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
DeezLoader 3.0.1 (only current user) (HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\8675f592-6f7d-534e-a92f-1cdf755ecc58) (Version: 3.0.1 - ExtendLord)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Elevated Installer (HKLM-x32\...\{1F3FEA49-536F-455B-BADD-7D35CDB0E92B}) (Version: 6.4.0.0 - Garmin Ltd or its subsidiaries) Hidden
FreeRapid Downloader (HKLM-x32\...\FreeRapid Downloader0.9u4) (Version: 0.9u4 - Vity)
Garmin Express (HKLM-x32\...\{52c2b6dd-5953-4bb1-9ef3-d145973e25e7}) (Version: 6.4.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BBAAEC8F-33FB-4DBC-A033-0997CD0BE1B2}) (Version: 6.4.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{A336EAA0-135A-4338-B628-BA8DBB3BCA60}) (Version: 6.4.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
LAV Filters 0.71 (HKLM-x32\...\lavfilters_is1) (Version: 0.71 - Hendrik Leppkes)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Mozilla Firefox 60.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 60.0.2 (x64 cs)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.2.6730 - Mozilla)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
Ovládací panel NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
PhotoInstrument 7.3 (HKLM-x32\...\{5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1) (Version: - Fatykhov Timur)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
RogueKiller version 12.12.23.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.23.0 - Adlice Software)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VSO ConvertXtoVideo Ultimate 2 (HKLM-x32\...\{{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: 2.0.0.88 - VSO Software)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1804.2.61 - ZONER software)
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 14.1 - Inmatrix LTD)
Zoom Player Czech language (remove only) (HKLM-x32\...\ZoomPlayer_Czech) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-14] (Google Inc.)
Task: {0F8239F8-9966-4EB7-9B86-9AA2DD01E5A4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-15] (Adobe Systems Incorporated)
Task: {22733134-CCB7-47DB-878B-BF859E3D37A2} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe [2018-06-13] (Crystal Dew World)
Task: {31B09697-86A1-4C6B-81E8-1C1C75245794} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {3BFF5D86-CC27-4E0B-A19F-FAD822EDB3A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {577DCECB-2324-4DC9-8097-CBF64700C384} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {57BE966A-CCEE-423C-A6B3-5537855E261F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {5B5156C3-7F2F-4F16-9397-7D21D6850DB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {639B12E9-0FA0-4798-BFF6-7F119315E56D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-17] (Adobe Systems Incorporated)
Task: {98C2FF7B-60EF-4131-832F-63200909AF06} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-17] (Adobe Systems Incorporated)
Task: {9C1BC15C-96E6-4F3E-AB3E-1777C257F488} - System32\Tasks\{D43AA914-4C04-4A51-BCEB-9D2B1A3A847D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\DVDFab\uninstall.exe" -d "C:\Program Files (x86)\DVDFab"
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {D3BFC425-9DC6-47C1-A0CE-44748E4F26F9} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-04-25] ()
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-14] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-08 19:18 - 2018-05-08 19:18 - 000992704 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02551_002\ashttpbr.mdl
2018-05-08 19:18 - 2018-05-08 19:18 - 000543344 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02551_002\ashttpdsp.mdl
2018-05-08 19:18 - 2018-05-08 19:18 - 003228632 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02551_002\ashttpph.mdl
2018-05-08 19:18 - 2018-05-08 19:18 - 001527808 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02551_002\ashttprbl.mdl
2017-03-24 19:46 - 2015-01-31 02:57 - 000086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-26 02:12 - 2005-04-22 06:36 - 000143360 ____R () C:\Windows\system32\BrSNMP64.dll
2018-06-14 17:50 - 2018-06-12 07:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-14 17:50 - 2018-06-12 07:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [151]
AlternateDataStreams: C:\Users\Otto\Downloads\iKupon.pdf:BDU [1]
AlternateDataStreams: C:\Users\Otto\Downloads\Přehled stavu pojistné smlouvy (1).pdf:BDU [1]
AlternateDataStreams: C:\Users\Otto\Downloads\Přehled stavu pojistné smlouvy.pdf:BDU [1]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-06-22 20:55 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AEB25413-11C6-47F7-9D58-838C5731CDC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B366BD7-1EDC-4330-9B79-59545B3E4F15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4CEF0E7E-6D09-440C-BF97-702649B8BFAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F5D17C64-42FC-4842-86EF-758295DD3CBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{940B0368-E343-417D-90A9-66F16E3669A0}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{13D2238A-F40C-412E-BBBD-74859E2D8017}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\otto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{72F976B0-20B4-40C2-8748-73129E25C2F7}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\otto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{34632808-E6E9-4539-A56A-34BA37EFE731}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{150E5750-8091-4099-90CF-B81B6B684F5D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [TCP Query User{EF5C1776-B958-4424-B8D8-16855E36E570}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\otto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{331EA9A8-7C1B-448C-AA3C-BF082C9330C1}C:\users\otto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\otto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{7B2C2B88-DF4D-4A23-B9EF-13C12D012687}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{89855CC8-1A4B-4A59-A56F-ADEF07005C8A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FAE4F982-5E9C-4465-9D74-0F8CD3B9BA65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2018 01:34:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program memtest.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1598

Čas spuštění: 01d40a1c5b0f8186

Čas ukončení: 75

Cesta k aplikaci: C:\Users\Otto\AppData\Local\Temp\Rar$EXa5500.17379\memtest.exe

ID hlášení: 29f5fc9f-7610-11e8-85d0-50465d8f71a5

Error: (06/21/2018 09:28:59 PM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (06/21/2018 09:28:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (06/21/2018 09:28:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: Otto-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (06/21/2018 09:25:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {dd668959-8285-425f-89bb-8d0849f7b80c}

Error: (06/21/2018 11:18:26 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Popis = zoek.exe restore point; Chyba = 0x8007043c).

Error: (06/17/2018 11:19:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WO16.exe verze 16.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1900

Čas spuštění: 01d4061c0a8d15ee

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\WO16.exe

ID hlášení: 848ee8a0-720f-11e8-8d2b-50465d8f71a5

Error: (06/11/2018 07:38:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {7efcd725-f32f-471a-8284-5caf52338756}


System errors:
=============
Error: (06/22/2018 01:32:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).

Error: (06/21/2018 11:16:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hostitel zařízení UPnP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (06/21/2018 11:16:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba upnphost se nemohla přihlásit jako NT AUTHORITY\LocalService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Správci zabezpečení účtů (SAM) nebo serveru místní autority zabezpečení (LSA) se nepodařilo provést zabezpečovací operaci.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (06/21/2018 11:16:36 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit. při pokusu o spuštění služby upnphost s argumenty za účelem spuštění serveru:
{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (06/21/2018 10:06:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (06/21/2018 08:57:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ZAM Controller Service bylo dosaženo časového limitu (30000 ms).

Error: (06/21/2018 08:44:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (06/21/2018 08:44:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.


CodeIntegrity:
===================================

Date: 2018-06-21 20:25:28.811
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 20:25:28.718
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 12:13:10.388
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-21 12:13:10.295
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.408
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.345
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.298
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-04-27 20:28:45.236
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 4047.84 MB
Available physical RAM: 2217.03 MB
Total Virtual: 8093.86 MB
Available Virtual: 5406.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:308.2 GB) NTFS

\\?\Volume{180fac7c-10b3-11e7-a0d5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4965A0C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Re: please check my log

Post by OTAS » 22 Jun 2018 21:04

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Otto (administrator) on OTTO-PC (22-06-2018 21:00:23)
Running from C:\Users\Otto\Desktop
Loaded Profiles: Otto (Available Profiles: Otto & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\obkagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [452032 2018-05-22] (Bitdefender)
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [576456 2018-04-05] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01C3FF8A-351D-4688-A431-728EF9387B19}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-05-22] (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-22] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: b9u11n5q.default-1512667376818
FF ProfilePath: C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818 [2018-06-22]
FF Homepage: Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818 -> about:newtab
FF Extension: (Plná Peněženka Lištička) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-06-06]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818\Extensions\cs@dictionaries.addons.mozilla.org [2018-03-25] [Legacy]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818\Extensions\foxmarks@kei.com.xpi [2017-12-07]
FF Extension: (Google Translator for Firefox) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818\Extensions\translator@zoli.bod.xpi [2017-12-11]
FF Extension: (Video DownloadHelper) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-06]
FF Extension: (Adblock Plus) - C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\b9u11n5q.default-1512667376818\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-06]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF Extension: (No Name) - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff [2017-09-13]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-03-09] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-17] ()
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR Profile: C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default [2018-06-22]
CHR Extension: (Překladač Google) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-06-21]
CHR Extension: (Prezentace) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-21]
CHR Extension: (Dokumenty) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-21]
CHR Extension: (Disk Google) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-21]
CHR Extension: (YouTube) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-21]
CHR Extension: (uBlock Origin) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-06-21]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-06-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-06-21]
CHR Extension: (Tabulky) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-21]
CHR Extension: (Bitdefender Wallet) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-06-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-21]
CHR Extension: (Gmail) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-21]
CHR Extension: (Chrome Media Router) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2137280 2018-04-18] (Bitdefender)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1194512 2018-04-25] (Garmin Ltd. or its subsidiaries)
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [112712 2018-05-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1001072 2018-05-22] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1177008 2018-05-22] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1723552 2018-05-22] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [130840 2018-05-22] (BitDefender LLC)
R2 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [45104 2018-05-22] (© Bitdefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [96448 2018-05-22] (BitDefender)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339808 2017-12-05] (Acronis International GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [189544 2018-05-22] (BitDefender LLC)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R0 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [191592 2018-05-22] (Bitdefender)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1049432 2017-12-05] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [202592 2017-12-05] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [581464 2017-12-05] (Acronis International GmbH)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [607640 2018-06-11] (Bitdefender)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [301408 2017-12-05] (Acronis International GmbH)
U3 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
U3 aswMBR; \??\C:\Users\Otto\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\Otto\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-22 21:00 - 2018-06-22 21:01 - 000014732 _____ C:\Users\Otto\Desktop\FRST.txt
2018-06-22 21:00 - 2018-06-22 21:00 - 000000000 ____D C:\FRST
2018-06-22 20:58 - 2018-06-22 20:58 - 002412544 _____ (Farbar) C:\Users\Otto\Desktop\FRST64.exe
2018-06-22 13:00 - 2018-06-22 13:00 - 000016850 _____ C:\Users\Otto\Desktop\MemTest.zip
2018-06-22 12:52 - 2018-06-22 12:52 - 000003312 _____ C:\Windows\System32\Tasks\CrystalDiskInfo
2018-06-22 12:06 - 2018-06-22 12:06 - 000001204 _____ C:\Users\Otto\Desktop\CrystalDiskInfo.lnk
2018-06-22 12:06 - 2018-06-22 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-06-22 12:06 - 2018-06-22 12:06 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-06-22 12:05 - 2018-06-22 12:05 - 003950464 _____ (Crystal Dew World ) C:\Users\Otto\Desktop\CrystalDiskInfo7_6_1.exe
2018-06-22 11:58 - 2018-06-22 11:58 - 005200384 _____ (AVAST Software) C:\Users\Otto\Desktop\aswmbr.exe
2018-06-21 12:06 - 2018-06-22 06:54 - 000000000 ___SD C:\ComboFix
2018-06-21 12:06 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2018-06-21 12:06 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2018-06-21 12:06 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-06-21 12:06 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-06-21 12:06 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-06-21 12:06 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2018-06-21 12:06 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2018-06-21 12:06 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2018-06-21 12:05 - 2018-06-21 20:39 - 000000000 ____D C:\Qoobox
2018-06-21 12:04 - 2018-06-22 06:54 - 000000000 ___SD C:\32788R22FWJFW
2018-06-21 12:04 - 2018-06-21 12:04 - 005660124 ____R (Swearware) C:\Users\Otto\Desktop\ComboFix.exe
2018-06-21 11:45 - 2018-06-21 11:45 - 000000000 ____D C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2018-06-21 11:45 - 2018-06-21 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2018-06-21 11:45 - 2018-06-21 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2018-06-21 11:45 - 2018-06-21 11:45 - 000000000 ____D C:\Program Files (x86)\Haali
2018-06-21 11:45 - 2018-06-21 11:45 - 000000000 ____D C:\Program Files (x86)\AC3Filter
2018-06-21 11:35 - 2018-06-21 11:35 - 000000000 ____D C:\Users\Otto\AppData\Roaming\QuickScan
2018-06-21 11:26 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2018-06-21 10:59 - 2018-06-21 11:25 - 000000000 ____D C:\zoek_backup
2018-06-21 10:50 - 2018-06-21 10:50 - 002038755 _____ C:\Users\Otto\Desktop\zoek.exe
2018-06-20 19:05 - 2018-06-20 19:05 - 000029810 _____ C:\ProgramData\agent.update.1529514278.bdinstall.bin
2018-06-19 21:51 - 2018-06-19 22:19 - 000000000 ____D C:\ProgramData\RogueKiller
2018-06-19 21:51 - 2018-06-19 21:51 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-06-19 21:51 - 2018-06-19 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-06-19 21:51 - 2018-06-19 21:51 - 000000000 ____D C:\Program Files\RogueKiller
2018-06-19 20:40 - 2018-06-19 20:42 - 195958672 _____ (Sophos Limited) C:\Users\Otto\Downloads\Sophos Virus Removal Tool (1).exe
2018-06-19 20:33 - 2018-06-19 20:33 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-19 20:33 - 2018-06-19 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-19 20:33 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-19 20:13 - 2018-06-19 20:13 - 001790024 _____ (Malwarebytes) C:\Users\Otto\Desktop\JRT.exe
2018-06-19 00:12 - 2018-06-21 11:13 - 000155458 _____ C:\Windows\ntbtlog.txt
2018-06-18 21:37 - 2018-06-18 21:37 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-18 21:32 - 2018-06-18 21:33 - 000000000 ____D C:\AdwCleaner
2018-06-17 11:36 - 2018-06-17 11:36 - 000085768 _____ C:\Users\Otto\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-14 19:29 - 2018-06-14 19:29 - 000002710 _____ C:\Users\Otto\Documents\cc_20180614_192913.reg
2018-06-14 17:50 - 2018-06-14 17:50 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-14 17:50 - 2018-06-14 17:50 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-14 17:50 - 2018-06-14 17:50 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-14 17:50 - 2018-06-14 17:50 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-03 14:17 - 2018-06-03 14:17 - 000554151 _____ C:\Users\Otto\Downloads\tabulka-maximalnich-hodnot-plneni-denniho-odskodneho-za-dobu-leceni-urazu-z0023-01-2016 (1).pdf
2018-06-03 13:39 - 2018-06-03 13:39 - 000371443 _____ C:\Users\Otto\Downloads\zaverecna_prace (1).pdf
2018-06-03 13:31 - 2018-06-03 13:31 - 000658663 _____ C:\Users\Otto\Downloads\EOR - Výkonové normy v lesnictví.pdf
2018-05-27 09:20 - 2018-05-27 09:21 - 000447734 _____ C:\Users\Otto\Downloads\ČSPS - Výpis - Penzijní připojištění.pdf
2018-05-25 16:27 - 2018-05-25 16:27 - 001121896 _____ C:\Users\Otto\Downloads\Trefik15_Install.exe
2018-05-25 08:58 - 2018-05-25 08:58 - 000000305 _____ C:\Users\Otto\Downloads\Prodlužka_záruky_ETA_Česká_republika.vcf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-22 12:11 - 2009-07-14 06:45 - 000010288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-22 12:11 - 2009-07-14 06:45 - 000010288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-22 11:58 - 2017-03-25 17:55 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-06-22 11:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-22 06:54 - 2017-04-27 16:56 - 000000000 ____D C:\Windows\erdnt
2018-06-22 06:54 - 2017-03-25 17:53 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-06-22 06:54 - 2017-03-24 19:46 - 000000000 ____D C:\Users\UpdatusUser
2018-06-22 06:54 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2018-06-22 06:54 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-06-21 23:16 - 2018-02-28 20:27 - 000074851 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-06-21 21:27 - 2018-01-02 19:53 - 000000000 ____D C:\Users\Otto\AppData\Local\Zemana
2018-06-21 21:26 - 2018-02-28 20:27 - 000056530 _____ C:\Windows\ZAM.krnl.trace
2018-06-21 21:00 - 2017-12-23 23:06 - 000000000 ____D C:\ProgramData\Zoom Player
2018-06-21 20:56 - 2017-03-24 19:03 - 000000000 ____D C:\Users\Otto
2018-06-21 20:26 - 2009-07-14 04:34 - 082051072 _____ C:\Windows\system32\config\software.bak
2018-06-21 20:26 - 2009-07-14 04:34 - 019660800 _____ C:\Windows\system32\config\system.bak
2018-06-21 20:26 - 2009-07-14 04:34 - 001572864 _____ C:\Windows\system32\config\default.bak
2018-06-21 20:26 - 2009-07-14 04:34 - 000028672 _____ C:\Windows\system32\config\sam.bak
2018-06-21 20:26 - 2009-07-14 04:34 - 000024576 _____ C:\Windows\system32\config\security.bak
2018-06-21 12:11 - 2017-03-30 18:42 - 000000000 ____D C:\ProgramData\TEMP
2018-06-21 11:45 - 2018-03-18 19:31 - 000000000 ____D C:\Program Files (x86)\3DYD Youtube Source
2018-06-21 10:11 - 2017-04-25 13:40 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-20 21:57 - 2017-03-30 21:10 - 000000000 ____D C:\Users\Otto\AppData\Temp
2018-06-19 20:39 - 2018-04-26 20:57 - 000000000 ____D C:\Windows\System32\Tasks\Macromedia
2018-06-19 20:15 - 2009-07-26 20:41 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-06-19 20:15 - 2009-07-26 20:41 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-06-19 20:15 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-19 09:48 - 2017-03-27 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-06-19 09:48 - 2017-03-27 20:35 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-06-19 09:48 - 2017-03-25 22:03 - 000000000 ____D C:\Users\Otto\AppData\Roaming\uTorrent
2018-06-19 09:48 - 2017-03-25 17:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-19 09:48 - 2017-03-25 17:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-19 09:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\servicing
2018-06-19 09:48 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-06-19 09:45 - 2017-04-20 18:44 - 000000000 ____D C:\Program Files (x86)\Google
2018-06-19 09:45 - 2017-03-27 20:35 - 000000000 ____D C:\ProgramData\Garmin
2018-06-18 21:37 - 2017-07-19 10:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-17 22:07 - 2018-04-22 15:12 - 000000000 ____D C:\Users\Otto\AppData\Roaming\GlarySoft
2018-06-14 19:27 - 2017-03-24 19:33 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-06-14 17:52 - 2017-03-25 17:41 - 000000000 ____D C:\Users\Otto\AppData\LocalLow\Mozilla
2018-06-11 19:37 - 2017-03-25 17:55 - 000607640 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2018-06-11 19:36 - 2017-03-25 22:51 - 000000000 ____D C:\Users\Otto\Documents\Programy
2018-06-09 22:59 - 2017-05-08 13:46 - 000000000 ____D C:\Program Files\Defraggler
2018-06-09 13:49 - 2009-07-14 07:08 - 000032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-05-31 13:30 - 2017-03-27 20:34 - 000003556 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2018-05-30 12:46 - 2017-05-02 16:39 - 000000000 ____D C:\Users\Otto\Documents\ConvertXtoVideo Ultimate
2018-05-29 14:18 - 2017-03-30 20:01 - 000000000 ____D C:\Trefik15
2018-05-28 22:10 - 2017-03-27 20:55 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-28 22:08 - 2017-03-27 20:55 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-25 20:23 - 2017-10-28 22:30 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-25 20:23 - 2017-03-24 19:33 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-25 20:23 - 2017-03-24 19:33 - 000000000 ____D C:\Program Files\CCleaner
2018-05-25 16:42 - 2017-03-30 20:04 - 000000623 _____ C:\Users\Otto\Desktop\Trefík 15 (x64).lnk
2018-05-24 11:49 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2017-06-10 17:17 - 2018-04-22 13:53 - 000099384 _____ () C:\Users\Otto\AppData\Roaming\inst.exe
2017-04-14 17:05 - 2018-04-22 13:53 - 000007859 _____ () C:\Users\Otto\AppData\Roaming\pcouffin.cat
2017-04-14 17:05 - 2018-04-22 13:53 - 000001167 _____ () C:\Users\Otto\AppData\Roaming\pcouffin.inf
2017-04-14 17:05 - 2018-04-22 13:53 - 000082816 _____ (VSO Software) C:\Users\Otto\AppData\Roaming\pcouffin.sys
2017-12-17 16:03 - 2017-12-17 16:03 - 000007667 _____ () C:\Users\Otto\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-17 15:48

==================== End of FRST.txt ============================


Re: please check my log

Post by jaro3 » 22 Jun 2018 21:27

Uninstall ComboFix like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-14] (Google Inc.)
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-14] (Google Inc.)
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [151]
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
U3 aswbdisk; no ImagePath
U3 aswMBR; \??\C:\Users\Otto\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\Otto\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Otto\AppData\Roaming\inst.exe

EmptyTemp:
End

(You can use the “select all” function, then right-click the top-left field in the open Notepad and choose “Paste”.)

Save it to the desktop as fixlist.txt.


Run FRST, press the “Fix” (Opravit) button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Re: please check my log

Post by OTAS » 23 Jun 2018 17:22

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Otto (23-06-2018 17:14:25) Run:1
Running from C:\Users\Otto\Desktop
Loaded Profiles: Otto (Available Profiles: Otto & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => -> No File
ContextMenuHandlers1: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [EzCd] -> [CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => -> No File
ContextMenuHandlers4: [ZPShellExt] -> [CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {0E0960DD-44DA-481F-8B18-700CEF473EBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-14] (Google Inc.)
Task: {9DFDC742-049D-4220-B697-E124F7FC87E8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {C3FEDB28-0FA3-48CF-BD97-42B9B381865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {E5D75222-B2EC-45E3-A6C0-52792F15D495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-14] (Google Inc.)
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [151]
SearchScopes: HKU\S-1-5-21-2781758306-2679381193-3636559717-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
U3 aswbdisk; no ImagePath
U3 aswMBR; \??\C:\Users\Otto\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\Otto\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Otto\AppData\Roaming\inst.exe

EmptyTemp:
End

*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AcronisSyncError" => removed successfully
HKLM\Software\Classes\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AcronisSyncInProgress" => removed successfully
HKLM\Software\Classes\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AcronisSyncOk" => removed successfully
HKLM\Software\Classes\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\EzCd" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\EzCd" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ZPShellExt" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{ABE00001-0123-ABED-1248-0248ADFA1909} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RUShellExt" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E0960DD-44DA-481F-8B18-700CEF473EBF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0960DD-44DA-481F-8B18-700CEF473EBF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DFDC742-049D-4220-B697-E124F7FC87E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DFDC742-049D-4220-B697-E124F7FC87E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3FEDB28-0FA3-48CF-BD97-42B9B381865E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3FEDB28-0FA3-48CF-BD97-42B9B381865E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E5D75222-B2EC-45E3-A6C0-52792F15D495}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5D75222-B2EC-45E3-A6C0-52792F15D495}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\ProgramData\TEMP => ":ADAB671B" ADS removed successfully
"HKU\S-1-5-21-2781758306-2679381193-3636559717-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl" => removed successfully
"HKLM\System\CurrentControlSet\Services\aswbdisk" => removed successfully
aswbdisk => service removed successfully
aswMBR => service not found.
aswVmm => service not found.
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Otto\AppData\Roaming\inst.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3693191 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 36554500 B
Firefox => 229376 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
systemprofile32 => 91389 B
LocalService => 0 B
NetworkService => 0 B
Otto => 855731 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 47.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:16:28 ====

Re: please check my log

Post by jaro3 » 23 Jun 2018 19:43

What about the problems?

Re: please check my log

Post by OTAS » 24 Jun 2018 09:05

Today I had to start the PC in safe mode again. Yesterday Windows started normally, but today it again does not.

