Zemana AntiMalware:
Started it 3 times, and each time a blue screen with a frowny face popped up: Your PC ran into a problem and needs to restart. We're just collecting data and restarting.
Or something like that.
Please check, and thank you [Solved]
Re: Please check, and thank you
new HJT log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:23, on 6.9.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x86__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Maruška\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Maruška\Downloads\HijackThis.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\splwow64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Maruška\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_B7D18BAEAA6C45B2BFD92EF9BC894536] "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe
--
End of file - 6322 bytes
Re: Please check, and thank you
and before the scan, HJT spat out this message, see the attachment
Attachment: hjt hláška.pdf (209.02 KiB)
jaro3, Security team member
Re: Please check, and thank you
Did you try Zemana in safe mode?
HJT: that is OK, you are supposed to run HJT as administrator.
Close other applications and browsers, disconnect from the internet, and fix these in HJT:
Guide
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/
and save the file to the desktop.
Double-click the icon to launch Delfix.exe
(In Windows Vista, Windows 7 and 8, you must launch the file with a right-click -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt
Other links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check, and thank you
When I tried Zemana in safe mode, it said: Zemana AntiMalware currently does not work in Safe Mode.
HJT: I fixed what was listed and then ran the scan again
The items
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
were there again.
DelFix wiped my log
DelFix log:
# DelFix v1.013 - Logfile created 07/09/2018 at 20:53:36
# Updated 17/04/2016 by Xplode
# Username : Maruška - PC-AMD
# Operating System : Windows 10 Home (32 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Maruška\Desktop\AdwCleaner.exe
Deleted : C:\Users\Maruška\Desktop\JRT.exe
Deleted : C:\Users\Maruška\Desktop\hijackthis.log 070918.txt
Deleted : C:\Users\Maruška\Desktop\hijackthis.log 180907.txt
Deleted : C:\Users\Maruška\Desktop\hjt hláška.docx
Deleted : C:\Users\Maruška\Desktop\hjt hláška.pdf
Deleted : C:\Users\Maruška\Desktop\RogueKiller_portable32.exe
Deleted : C:\Users\Maruška\Downloads\HijackThis.exe
Deleted : C:\Users\Maruška\Downloads\hijackthis.log
Deleted : C:\Users\Maruška\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #12 [Naplánovaný kontrolní bod | 08/13/2018 16:01:44]
Deleted : RP #13 [Naplánovaný kontrolní bod | 08/21/2018 18:05:42]
Deleted : RP #14 [Naplánovaný kontrolní bod | 08/30/2018 13:48:48]
Deleted : RP #15 [JRT Pre-Junkware Removal | 09/04/2018 06:31:18]
New restore point created !
########## - EOF - ##########
As for the problems I described here
viewtopic.php?f=47&t=201708
I will keep an eye on whether it has improved and get back to you if needed.
1) it seems the same to me
2) the problem has disappeared
the other problems appeared on their own, so right now I cannot judge whether they will show up again or not.
Thanks, M.
jaro3, Security team member
Re: Please check, and thank you
Download Memtest:
In the field that says:
All unused RAM, change the value to 2048.
- click Start and let it run for at least 2h; if it still shows 0 errors after 2h, they are fine.
With larger RAM capacities Memtest has to be launched several times: for 2GB (the largest single RAM capacity) 2x, for 4GB 3x, for 8Gb 4x, etc.
Double-click Memtest, then again and again, enter 2048 in the fields of all the Memtest instances, then click "Start" in all of them.
Also check the HDD for errors, or possibly try defragmenting it.
Download CrystalDiskInfo
Run the program and click Edit - Copy (Úpravy - Kopírovat). Then paste the contents of the log here with Ctrl+V.
Re: Please check, and thank you
Memtest: it could only be started once I changed the value to 1024. I ran it 2x and left it for almost 4 hours, with a result of 0 errors. In the bottom line, one instance showed 880% and the other 1,1 %.
CrystalDiskInfo:
----------------------------------------------------------------------------
CrystalDiskInfo 7.7.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 17134] (x86)
Date : 2018/09/09 11:09:43
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- TSSTcorp CDDVDW SH-224DB SATA CdRom Device
- WDC WD10 EZEX-00KUWA0 SATA Disk Device
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD10EZEX-00KUWA0 : 1000,2 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD10EZEX-00KUWA0
----------------------------------------------------------------------------
Model : WDC WD10EZEX-00KUWA0
Firmware : 15.01H15
Serial Number : WD-WCC1S5392634
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 7079 hod.
Power On Count : 1353 krát
Temperature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 177 174 _21 00000000083C Čas na roztočení ploten
04 _99 _99 __0 00000000054C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001BA7 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000549 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000005 Počet vypnutí disku
C1 200 200 __0 000000000546 Počet cyklů načítání/vymazání
C2 108 102 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4331 5335 3339 3236 3334
020: 0000 0000 0000 3135 2E30 3148 3135 5744 4320 5744
030: 3130 455A 4558 2D30 304B 5557 4130 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 970E 0006 0044 0044
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 407F 003A
090: 003A 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE2
110: B39C 16BF 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 30B5 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E0A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B1 AE 3C 08 00 00 00 00 00 04 32 00 63 63 4C
020: 05 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5B 5B A7 1B 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 49 05 00 00 00 00 00 C0 32
070: 00 C8 C8 05 00 00 00 00 00 00 C1 32 00 C8 C8 46
080: 05 00 00 00 00 00 C2 22 00 6C 66 23 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 88 2C 01 7B
170: 03 00 01 00 02 7D 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D
CrystalDiskInfo:
----------------------------------------------------------------------------
CrystalDiskInfo 7.7.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 17134] (x86)
Date : 2018/09/09 11:09:43
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- TSSTcorp CDDVDW SH-224DB SATA CdRom Device
- WDC WD10 EZEX-00KUWA0 SATA Disk Device
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD10EZEX-00KUWA0 : 1000,2 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD10EZEX-00KUWA0
----------------------------------------------------------------------------
Model : WDC WD10EZEX-00KUWA0
Firmware : 15.01H15
Serial Number : WD-WCC1S5392634
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 7079 hod.
Power On Count : 1353 krát
Temperature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 177 174 _21 00000000083C Čas na roztočení ploten
04 _99 _99 __0 00000000054C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001BA7 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000549 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000005 Počet vypnutí disku
C1 200 200 __0 000000000546 Počet cyklů načítání/vymazání
C2 108 102 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
- jaro3
- member of the Security team
Re: Please check, and thank you
CDI once more.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan finishes, two logs, FRST.txt and Addition.txt, will be displayed and saved on the desktop. Please copy their entire contents here.
Are you still getting the BSOD, the blue screen of death?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check, and thank you
I replied yesterday and probably did not press send. Ah, so I did press it and did not notice that the reply had too many characters.
I was apologizing for replying so late; unfortunately there somehow was no time for downloading FRST and running the scan. It only takes a moment, but I did not properly get to the PC.
There has been no BSOD since the one I described.
Nor the message in Chrome that the application was not shut down properly.
Here are the logs from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.09.2018
Ran by Maruška (administrator) on PC-AMD (15-09-2018 20:53:14)
Running from C:\Users\Maruška\Desktop
Loaded Profiles: Maruška & (Available Profiles: Maruška)
Platform: Microsoft Windows 10 Home Version 1803 17134.285 (X86) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x86__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.281_none_8ebbd5a66523d188\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6323928 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-03] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [AvastBrowserAutoLaunch_B7D18BAEAA6C45B2BFD92EF9BC894536] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1727312 2018-08-13] (AVAST Software)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Maruška\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2347499873-1906944113-3954040329-1005\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2347499873-1906944113-3954040329-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{804C0DF9-1727-4099-B10D-7680D0B9E9EE}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default [2018-09-15]
CHR Extension: (Dokumenty) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-06]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-09]
CHR Extension: (Avast Online Security) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-06]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6488376 2018-09-03] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-03] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-09-03] (AVAST Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3287728 2018-09-06] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [91648 2018-09-06] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [70784 2011-12-12] (Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [34944 2011-12-12] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-09-03] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188336 2018-09-03] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-09-03] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284320 2018-09-03] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57968 2018-09-03] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [14840 2018-07-01] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [196008 2018-09-03] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135376 2018-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [101056 2018-09-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73264 2018-09-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784112 2018-09-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [396536 2018-09-05] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [165928 2018-09-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [311328 2018-09-03] (AVAST Software)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [228960 2018-09-04] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_x86_f75c0b1bb78ca832\nvlddmkm.sys [14774384 2017-11-09] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38904 2018-09-06] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [279592 2018-09-06] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [46120 2018-09-06] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2018-09-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2018-09-06] (Zemana Ltd.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-15 20:53 - 2018-09-15 20:53 - 000000000 ____D C:\Users\Maruška\Desktop\FRST-OlderVersion
2018-09-14 20:23 - 2018-09-14 20:29 - 000037735 _____ C:\Users\Maruška\Desktop\Addition.txt
2018-09-14 20:22 - 2018-09-15 20:53 - 000013950 _____ C:\Users\Maruška\Desktop\FRST.txt
2018-09-14 20:21 - 2018-09-15 20:53 - 000000000 ____D C:\FRST
2018-09-14 20:20 - 2018-09-15 20:53 - 001774080 _____ (Farbar) C:\Users\Maruška\Desktop\FRST.exe
2018-09-13 17:48 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-13 17:48 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-13 17:48 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-13 17:48 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-13 17:47 - 2018-08-31 08:54 - 001466816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-13 17:47 - 2018-08-31 08:54 - 000458024 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-13 17:47 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-13 17:47 - 2018-08-31 08:51 - 000316224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-13 17:47 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-13 17:47 - 2018-08-31 08:41 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-13 17:47 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-13 17:47 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-13 17:47 - 2018-08-31 08:39 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-13 17:47 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 17:47 - 2018-08-31 05:29 - 000622424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-13 17:47 - 2018-08-31 05:29 - 000541216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-13 17:47 - 2018-08-31 05:29 - 000143656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-13 17:47 - 2018-08-31 05:28 - 006686192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-13 17:47 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 002354672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-13 17:47 - 2018-08-31 05:28 - 002144224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-13 17:47 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 001190680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-13 17:47 - 2018-08-31 05:28 - 001050672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-13 17:47 - 2018-08-31 05:28 - 000950040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-13 17:47 - 2018-08-31 05:28 - 000831696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-13 17:47 - 2018-08-31 05:28 - 000679816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 000135768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-13 17:47 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-13 17:47 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-13 17:47 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-13 17:47 - 2018-08-31 05:11 - 003254784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-13 17:47 - 2018-08-31 05:11 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-13 17:47 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-13 17:47 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-13 17:47 - 2018-08-31 05:09 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-13 17:47 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-13 17:47 - 2018-08-31 05:09 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-13 17:47 - 2018-08-31 05:08 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-13 17:47 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 001755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-13 17:47 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-13 17:47 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 000493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-13 17:47 - 2018-08-31 05:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-13 17:47 - 2018-08-31 05:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-13 17:47 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-13 17:47 - 2018-08-28 07:44 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-13 17:47 - 2018-08-28 07:41 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-13 17:47 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2018-09-13 17:47 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2018-09-13 17:47 - 2018-08-09 10:37 - 001363960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-13 17:47 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-13 17:47 - 2018-08-09 10:36 - 000288104 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-13 17:47 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-13 17:47 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-13 17:47 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-13 17:47 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-13 17:47 - 2018-08-09 10:22 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-13 17:47 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-13 17:47 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-13 17:47 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-13 17:47 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-13 17:47 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-13 17:47 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-13 17:47 - 2018-08-09 06:40 - 000290088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-13 17:47 - 2018-08-09 06:40 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-13 17:47 - 2018-08-09 06:35 - 000995792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-13 17:47 - 2018-08-09 06:35 - 000731760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-13 17:47 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-13 17:47 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 001618280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 000802200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-13 17:47 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-13 17:47 - 2018-08-09 06:13 - 002807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-13 17:47 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 17:47 - 2018-08-09 06:13 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-13 17:47 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-13 17:47 - 2018-08-09 06:12 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-13 17:47 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-13 17:47 - 2018-08-09 06:12 - 000434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-13 17:47 - 2018-08-09 06:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-13 17:47 - 2018-08-09 06:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-13 17:47 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-13 17:47 - 2018-08-09 06:10 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-09-13 17:47 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-09-13 17:47 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 17:47 - 2018-08-09 06:09 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-13 17:47 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-13 17:47 - 2018-08-09 04:55 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-09 11:09 - 2018-09-09 11:09 - 000002013 _____ C:\Users\Maruška\Desktop\CrystalDiskInfo.lnk
2018-09-09 11:09 - 2018-09-09 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-09-09 11:09 - 2018-09-09 11:09 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2018-09-08 20:36 - 2018-09-08 20:36 - 000000000 _____ C:\WINDOWS\system32\last.dump
2018-09-08 19:55 - 2018-09-08 19:55 - 000000000 ____D C:\Users\Maruška\Desktop\MemTest
2018-09-08 19:42 - 2018-09-08 19:42 - 015352536 _____ C:\Users\Maruška\Desktop\CrystalDiskInfo7_7_0.exe
2018-09-08 19:42 - 2018-09-08 19:42 - 000016850 _____ C:\Users\Maruška\Desktop\MemTest.zip
2018-09-07 20:53 - 2018-09-07 20:54 - 000001309 _____ C:\DelFix.txt
2018-09-07 20:45 - 2018-09-07 20:47 - 000000000 ____D C:\Users\Maruška\Downloads\backups
2018-09-07 20:20 - 2018-09-07 20:28 - 000154300 _____ C:\WINDOWS\ntbtlog.txt
2018-09-07 20:20 - 2018-09-07 20:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-09-06 22:02 - 2018-09-15 20:53 - 000232039 _____ C:\WINDOWS\ZAM.krnl.trace
2018-09-06 22:02 - 2018-09-15 20:53 - 000211084 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-09-06 22:02 - 2018-09-06 22:02 - 000181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2018-09-06 22:02 - 2018-09-06 22:02 - 000181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2018-09-06 22:02 - 2018-09-06 22:02 - 000001961 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-09-06 22:02 - 2018-09-06 22:02 - 000000000 ____D C:\Users\Maruška\AppData\Local\Zemana
2018-09-06 22:02 - 2018-09-06 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-09-06 22:02 - 2018-09-06 22:02 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2018-09-06 21:55 - 2018-09-06 21:55 - 000000000 ____D C:\Users\Maruška\AppData\Local\DBG
2018-09-06 21:54 - 2018-09-06 22:07 - 000000000 ____D C:\Users\Maruška\AppData\Local\AVAST Software
2018-09-06 21:50 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-09-06 20:15 - 2018-09-06 20:15 - 006625600 _____ (Zemana Ltd. ) C:\Users\Maruška\Downloads\Zemana.AntiMalware.Setup (1).exe
2018-09-06 20:15 - 2018-09-06 20:15 - 006625600 _____ (Zemana Ltd. ) C:\Users\Maruška\Desktop\Zemana.AntiMalware.Setup.exe
2018-09-06 17:29 - 2018-09-06 17:29 - 000000000 ____D C:\Users\Maruška\Downloads\prilohy_25573
2018-09-06 17:28 - 2018-09-06 17:28 - 000200859 _____ C:\Users\Maruška\Downloads\prilohy_25573.zip
2018-09-04 09:38 - 2018-09-06 16:47 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-09-04 09:37 - 2018-09-04 10:14 - 000000000 ____D C:\ProgramData\RogueKiller
2018-09-04 08:50 - 2018-09-04 08:50 - 000002763 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-09-04 08:50 - 2018-09-04 08:50 - 000000000 ____D C:\ProgramData\Sophos
2018-09-04 08:50 - 2018-09-04 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-09-04 08:50 - 2018-09-04 08:50 - 000000000 ____D C:\Program Files\Sophos
2018-09-03 21:29 - 2018-09-03 21:29 - 000000000 ____D C:\Users\Maruška\AppData\Local\mbam
2018-09-03 21:28 - 2018-09-04 08:19 - 000228960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-09-03 21:28 - 2018-09-03 21:28 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-03 21:28 - 2018-09-03 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-03 21:28 - 2018-09-03 21:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-03 21:28 - 2018-09-03 21:28 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-03 21:28 - 2018-07-12 08:42 - 000129248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2018-09-03 21:08 - 2018-09-03 21:08 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-03 21:08 - 2018-09-03 21:08 - 000002485 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-09-03 21:05 - 2018-09-08 19:06 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-03 20:44 - 2018-09-03 20:44 - 000323288 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-09-02 00:28 - 2018-09-02 00:28 - 002545720 _____ (Kaspersky Lab) C:\Users\Maruška\Downloads\kfa19.0.0.1088cs_14125 (1).exe
2018-09-01 11:40 - 2018-09-01 11:40 - 000000000 ____D C:\Users\Maruška\Desktop\stereogram
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-15 20:52 - 2015-12-26 11:39 - 000000000 ____D C:\Users\Maruška\AppData\Roaming\Seznam.cz
2018-09-15 20:49 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-15 20:46 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-15 20:46 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-14 23:37 - 2013-10-09 20:34 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-14 20:48 - 2018-05-27 18:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-14 20:25 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-14 20:24 - 2018-05-27 18:14 - 000000000 ____D C:\Users\Maruška\AppData\Local\Packages
2018-09-14 20:23 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2018-09-14 20:06 - 2018-05-27 18:03 - 000394304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-14 20:05 - 2018-05-27 18:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-13 18:19 - 2018-04-11 14:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-09-13 18:18 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-13 18:18 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-13 18:18 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-13 18:18 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-12 20:31 - 2018-06-08 12:29 - 000165928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-11 21:05 - 2013-10-10 20:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 21:02 - 2013-10-10 20:03 - 136114104 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-11 20:57 - 2018-06-08 12:29 - 000135376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-09-11 20:57 - 2018-05-27 19:55 - 000000000 ___RD C:\Users\Maruška\OneDrive
2018-09-11 20:57 - 2018-05-27 18:08 - 000002433 _____ C:\Users\Maruška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-10 18:47 - 2018-06-08 12:28 - 000000000 ____D C:\Program Files\CCleaner
2018-09-09 07:18 - 2018-05-27 18:08 - 000000000 ____D C:\Users\UpdatusUser.PC-AMD
2018-09-09 07:17 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-08 21:49 - 2018-05-27 18:08 - 000000000 ____D C:\Users\Maruška
2018-09-07 20:56 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-06 22:31 - 2018-05-27 18:07 - 000006404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-06 22:31 - 2018-04-12 06:53 - 000776458 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-06 22:31 - 2018-04-12 06:53 - 000172992 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-06 21:37 - 2009-07-14 04:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-09-06 20:31 - 2018-05-27 18:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-09-06 20:21 - 2013-10-09 20:10 - 000480888 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-09-05 14:27 - 2018-06-08 12:29 - 000396536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-09-05 01:04 - 2018-04-11 22:39 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-11 22:39 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-09-04 10:22 - 2013-10-11 20:19 - 000000000 ____D C:\Users\Maruška\Desktop\Instalátory
2018-09-04 08:17 - 2013-10-11 18:18 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-04 08:17 - 2013-10-11 18:18 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-03 21:08 - 2018-06-08 12:28 - 000000000 ____D C:\Program Files\AVAST Software
2018-09-03 20:44 - 2018-06-08 12:29 - 000784112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000311328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000284320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000196008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000188336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000167552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000164944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000101056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000073264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000057968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-09-03 20:44 - 2018-04-11 22:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-09-02 00:29 - 2018-07-15 11:24 - 000000000 ____D C:\Users\Maruška\AppData\Local\CrashDumps
2018-08-19 14:06 - 2013-10-09 20:10 - 000090688 _____ C:\Users\Maruška\AppData\Local\GDIPFONTCACHEV1.DAT
2018-08-16 18:01 - 2015-11-09 20:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2013-10-13 18:47 - 2013-10-13 18:46 - 000098534 _____ () C:\Users\Maruška\AppData\Roaming\7go.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-27 18:03
==================== End of FRST.txt ============================
I apologize for replying so late; unfortunately there somehow wasn't time for downloading and scanning with FRST. It only takes a moment, but I didn't really get to the PC.
There has been no BSOD since the one I described.
Nor the message in Chrome that the application was not shut down properly.
Here are the logs from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.09.2018
Ran by Maruška (administrator) on PC-AMD (15-09-2018 20:53:14)
Running from C:\Users\Maruška\Desktop
Loaded Profiles: Maruška & (Available Profiles: Maruška)
Platform: Microsoft Windows 10 Home Version 1803 17134.285 (X86) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x86__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.281_none_8ebbd5a66523d188\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6323928 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-03] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [AvastBrowserAutoLaunch_B7D18BAEAA6C45B2BFD92EF9BC894536] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1727312 2018-08-13] (AVAST Software)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Maruška\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2347499873-1906944113-3954040329-1005\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2347499873-1906944113-3954040329-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{804C0DF9-1727-4099-B10D-7680D0B9E9EE}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default [2018-09-15]
CHR Extension: (Dokumenty) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-06]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-09]
CHR Extension: (Avast Online Security) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\Maruška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-06]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6488376 2018-09-03] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-03] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-09-03] (AVAST Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3287728 2018-09-06] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [91648 2018-09-06] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [70784 2011-12-12] (Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [34944 2011-12-12] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-09-03] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188336 2018-09-03] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-09-03] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284320 2018-09-03] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57968 2018-09-03] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [14840 2018-07-01] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [196008 2018-09-03] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135376 2018-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [101056 2018-09-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73264 2018-09-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784112 2018-09-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [396536 2018-09-05] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [165928 2018-09-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [311328 2018-09-03] (AVAST Software)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [228960 2018-09-04] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_x86_f75c0b1bb78ca832\nvlddmkm.sys [14774384 2017-11-09] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38904 2018-09-06] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [279592 2018-09-06] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [46120 2018-09-06] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2018-09-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2018-09-06] (Zemana Ltd.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-15 20:53 - 2018-09-15 20:53 - 000000000 ____D C:\Users\Maruška\Desktop\FRST-OlderVersion
2018-09-14 20:23 - 2018-09-14 20:29 - 000037735 _____ C:\Users\Maruška\Desktop\Addition.txt
2018-09-14 20:22 - 2018-09-15 20:53 - 000013950 _____ C:\Users\Maruška\Desktop\FRST.txt
2018-09-14 20:21 - 2018-09-15 20:53 - 000000000 ____D C:\FRST
2018-09-14 20:20 - 2018-09-15 20:53 - 001774080 _____ (Farbar) C:\Users\Maruška\Desktop\FRST.exe
2018-09-13 17:48 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-13 17:48 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-13 17:48 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-13 17:48 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-13 17:47 - 2018-08-31 08:54 - 001466816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-13 17:47 - 2018-08-31 08:54 - 000458024 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-13 17:47 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-13 17:47 - 2018-08-31 08:51 - 000316224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-13 17:47 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-13 17:47 - 2018-08-31 08:41 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-13 17:47 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-13 17:47 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-13 17:47 - 2018-08-31 08:39 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-13 17:47 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-13 17:47 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 17:47 - 2018-08-31 05:29 - 000622424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-13 17:47 - 2018-08-31 05:29 - 000541216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-13 17:47 - 2018-08-31 05:29 - 000143656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-13 17:47 - 2018-08-31 05:28 - 006686192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-13 17:47 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 002354672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-13 17:47 - 2018-08-31 05:28 - 002144224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-13 17:47 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 001190680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-13 17:47 - 2018-08-31 05:28 - 001050672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-13 17:47 - 2018-08-31 05:28 - 000950040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-13 17:47 - 2018-08-31 05:28 - 000831696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-13 17:47 - 2018-08-31 05:28 - 000679816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-13 17:47 - 2018-08-31 05:28 - 000135768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-13 17:47 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-13 17:47 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-13 17:47 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-13 17:47 - 2018-08-31 05:11 - 003254784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-13 17:47 - 2018-08-31 05:11 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-13 17:47 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-13 17:47 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-13 17:47 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-13 17:47 - 2018-08-31 05:09 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-13 17:47 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-13 17:47 - 2018-08-31 05:09 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-13 17:47 - 2018-08-31 05:08 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-13 17:47 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 001755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-13 17:47 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-13 17:47 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-13 17:47 - 2018-08-31 05:07 - 000493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-13 17:47 - 2018-08-31 05:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-13 17:47 - 2018-08-31 05:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-13 17:47 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-13 17:47 - 2018-08-28 07:44 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-13 17:47 - 2018-08-28 07:41 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-13 17:47 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2018-09-13 17:47 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2018-09-13 17:47 - 2018-08-09 10:37 - 001363960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-13 17:47 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-13 17:47 - 2018-08-09 10:36 - 000288104 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-13 17:47 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-13 17:47 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-13 17:47 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-13 17:47 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-13 17:47 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-13 17:47 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-13 17:47 - 2018-08-09 10:22 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-13 17:47 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-13 17:47 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-13 17:47 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-13 17:47 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-13 17:47 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-13 17:47 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-13 17:47 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-13 17:47 - 2018-08-09 06:40 - 000290088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-13 17:47 - 2018-08-09 06:40 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-13 17:47 - 2018-08-09 06:35 - 000995792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-13 17:47 - 2018-08-09 06:35 - 000731760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-13 17:47 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-13 17:47 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 001618280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-13 17:47 - 2018-08-09 06:29 - 000802200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-13 17:47 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-13 17:47 - 2018-08-09 06:13 - 002807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-13 17:47 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 17:47 - 2018-08-09 06:13 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-13 17:47 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-13 17:47 - 2018-08-09 06:12 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-13 17:47 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-13 17:47 - 2018-08-09 06:12 - 000434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-13 17:47 - 2018-08-09 06:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-13 17:47 - 2018-08-09 06:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-13 17:47 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-13 17:47 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-13 17:47 - 2018-08-09 06:10 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-13 17:47 - 2018-08-09 06:10 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-09-13 17:47 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-09-13 17:47 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 17:47 - 2018-08-09 06:09 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-13 17:47 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-13 17:47 - 2018-08-09 04:55 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-09 11:09 - 2018-09-09 11:09 - 000002013 _____ C:\Users\Maruška\Desktop\CrystalDiskInfo.lnk
2018-09-09 11:09 - 2018-09-09 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-09-09 11:09 - 2018-09-09 11:09 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2018-09-08 20:36 - 2018-09-08 20:36 - 000000000 _____ C:\WINDOWS\system32\last.dump
2018-09-08 19:55 - 2018-09-08 19:55 - 000000000 ____D C:\Users\Maruška\Desktop\MemTest
2018-09-08 19:42 - 2018-09-08 19:42 - 015352536 _____ C:\Users\Maruška\Desktop\CrystalDiskInfo7_7_0.exe
2018-09-08 19:42 - 2018-09-08 19:42 - 000016850 _____ C:\Users\Maruška\Desktop\MemTest.zip
2018-09-07 20:53 - 2018-09-07 20:54 - 000001309 _____ C:\DelFix.txt
2018-09-07 20:45 - 2018-09-07 20:47 - 000000000 ____D C:\Users\Maruška\Downloads\backups
2018-09-07 20:20 - 2018-09-07 20:28 - 000154300 _____ C:\WINDOWS\ntbtlog.txt
2018-09-07 20:20 - 2018-09-07 20:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-09-06 22:02 - 2018-09-15 20:53 - 000232039 _____ C:\WINDOWS\ZAM.krnl.trace
2018-09-06 22:02 - 2018-09-15 20:53 - 000211084 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-09-06 22:02 - 2018-09-06 22:02 - 000181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2018-09-06 22:02 - 2018-09-06 22:02 - 000181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2018-09-06 22:02 - 2018-09-06 22:02 - 000001961 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-09-06 22:02 - 2018-09-06 22:02 - 000000000 ____D C:\Users\Maruška\AppData\Local\Zemana
2018-09-06 22:02 - 2018-09-06 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-09-06 22:02 - 2018-09-06 22:02 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2018-09-06 21:55 - 2018-09-06 21:55 - 000000000 ____D C:\Users\Maruška\AppData\Local\DBG
2018-09-06 21:54 - 2018-09-06 22:07 - 000000000 ____D C:\Users\Maruška\AppData\Local\AVAST Software
2018-09-06 21:50 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-09-06 20:15 - 2018-09-06 20:15 - 006625600 _____ (Zemana Ltd. ) C:\Users\Maruška\Downloads\Zemana.AntiMalware.Setup (1).exe
2018-09-06 20:15 - 2018-09-06 20:15 - 006625600 _____ (Zemana Ltd. ) C:\Users\Maruška\Desktop\Zemana.AntiMalware.Setup.exe
2018-09-06 17:29 - 2018-09-06 17:29 - 000000000 ____D C:\Users\Maruška\Downloads\prilohy_25573
2018-09-06 17:28 - 2018-09-06 17:28 - 000200859 _____ C:\Users\Maruška\Downloads\prilohy_25573.zip
2018-09-04 09:38 - 2018-09-06 16:47 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-09-04 09:37 - 2018-09-04 10:14 - 000000000 ____D C:\ProgramData\RogueKiller
2018-09-04 08:50 - 2018-09-04 08:50 - 000002763 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-09-04 08:50 - 2018-09-04 08:50 - 000000000 ____D C:\ProgramData\Sophos
2018-09-04 08:50 - 2018-09-04 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-09-04 08:50 - 2018-09-04 08:50 - 000000000 ____D C:\Program Files\Sophos
2018-09-03 21:29 - 2018-09-03 21:29 - 000000000 ____D C:\Users\Maruška\AppData\Local\mbam
2018-09-03 21:28 - 2018-09-04 08:19 - 000228960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-09-03 21:28 - 2018-09-03 21:28 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-03 21:28 - 2018-09-03 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-03 21:28 - 2018-09-03 21:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-03 21:28 - 2018-09-03 21:28 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-03 21:28 - 2018-07-12 08:42 - 000129248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2018-09-03 21:08 - 2018-09-03 21:08 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-03 21:08 - 2018-09-03 21:08 - 000002485 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-09-03 21:05 - 2018-09-08 19:06 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-03 20:44 - 2018-09-03 20:44 - 000323288 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-09-02 00:28 - 2018-09-02 00:28 - 002545720 _____ (Kaspersky Lab) C:\Users\Maruška\Downloads\kfa19.0.0.1088cs_14125 (1).exe
2018-09-01 11:40 - 2018-09-01 11:40 - 000000000 ____D C:\Users\Maruška\Desktop\stereogram
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-15 20:52 - 2015-12-26 11:39 - 000000000 ____D C:\Users\Maruška\AppData\Roaming\Seznam.cz
2018-09-15 20:49 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-15 20:46 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-15 20:46 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-14 23:37 - 2013-10-09 20:34 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-14 20:48 - 2018-05-27 18:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-14 20:25 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-14 20:24 - 2018-05-27 18:14 - 000000000 ____D C:\Users\Maruška\AppData\Local\Packages
2018-09-14 20:23 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2018-09-14 20:06 - 2018-05-27 18:03 - 000394304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-14 20:05 - 2018-05-27 18:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-13 18:19 - 2018-04-11 14:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-09-13 18:18 - 2018-04-12 06:54 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-09-13 18:18 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-13 18:18 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-13 18:18 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-13 18:18 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-12 20:31 - 2018-06-08 12:29 - 000165928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-11 21:05 - 2013-10-10 20:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 21:02 - 2013-10-10 20:03 - 136114104 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-11 20:57 - 2018-06-08 12:29 - 000135376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-09-11 20:57 - 2018-05-27 19:55 - 000000000 ___RD C:\Users\Maruška\OneDrive
2018-09-11 20:57 - 2018-05-27 18:08 - 000002433 _____ C:\Users\Maruška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-10 18:47 - 2018-06-08 12:28 - 000000000 ____D C:\Program Files\CCleaner
2018-09-09 07:18 - 2018-05-27 18:08 - 000000000 ____D C:\Users\UpdatusUser.PC-AMD
2018-09-09 07:17 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-08 21:49 - 2018-05-27 18:08 - 000000000 ____D C:\Users\Maruška
2018-09-07 20:56 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-06 22:31 - 2018-05-27 18:07 - 000006404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-06 22:31 - 2018-04-12 06:53 - 000776458 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-06 22:31 - 2018-04-12 06:53 - 000172992 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-06 21:37 - 2009-07-14 04:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-09-06 20:31 - 2018-05-27 18:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-09-06 20:21 - 2013-10-09 20:10 - 000480888 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-09-05 14:27 - 2018-06-08 12:29 - 000396536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-09-05 01:04 - 2018-04-11 22:39 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-11 22:39 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-09-04 10:22 - 2013-10-11 20:19 - 000000000 ____D C:\Users\Maruška\Desktop\Instalátory
2018-09-04 08:17 - 2013-10-11 18:18 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-04 08:17 - 2013-10-11 18:18 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-03 21:08 - 2018-06-08 12:28 - 000000000 ____D C:\Program Files\AVAST Software
2018-09-03 20:44 - 2018-06-08 12:29 - 000784112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000311328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000284320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000196008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000188336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000167552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000164944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000101056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000073264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000057968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2018-09-03 20:44 - 2018-06-08 12:29 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-09-03 20:44 - 2018-04-11 22:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-09-02 00:29 - 2018-07-15 11:24 - 000000000 ____D C:\Users\Maruška\AppData\Local\CrashDumps
2018-08-19 14:06 - 2013-10-09 20:10 - 000090688 _____ C:\Users\Maruška\AppData\Local\GDIPFONTCACHEV1.DAT
2018-08-16 18:01 - 2015-11-09 20:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2013-10-13 18:47 - 2013-10-13 18:46 - 000098534 _____ () C:\Users\Maruška\AppData\Roaming\7go.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-27 18:03
==================== End of FRST.txt ============================
Re: Please check, and thank you
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15.09.2018
Ran by Maruška (15-09-2018 20:54:31)
Running from C:\Users\Maruška\Desktop
Microsoft Windows 10 Home Version 1803 17134.285 (X86) (2018-05-27 16:14:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2347499873-1906944113-3954040329-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2347499873-1906944113-3954040329-503 - Limited - Disabled)
Guest (S-1-5-21-2347499873-1906944113-3954040329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2347499873-1906944113-3954040329-1004 - Limited - Enabled)
Maruška (S-1-5-21-2347499873-1906944113-3954040329-1000 - Administrator - Enabled) => C:\Users\Maruška
WDAGUtilityAccount (S-1-5-21-2347499873-1906944113-3954040329-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{5C085A19-B4A1-6686-0103-E9E6F7B2831A}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM\...\Cool's_Codec_pack_4.12) (Version: - )
Combined Community Codec Pack 2014-07-13 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
CrystalDiskInfo 7.7.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.7.0 - Crystal Dew World)
FormatFactory 3.7.5.0 (HKLM\...\FormatFactory) (Version: 3.7.5.0 - Free Time)
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
K-Lite Mega Codec Pack 10.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2018-09-06] ()
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2018-09-06] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0356FCC3-0FB1-4F80-8AED-95D3A0103261} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05643AE3-1CA3-4DBC-96A2-3DCAAE745FFC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0C239F0E-9E32-4397-8BE4-8E1892C6A524} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {192BBE1D-1FC3-469D-806F-9BBCD81F9E31} - System32\Tasks\S-1-5-21-2347499873-1906944113-3954040329-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {2966D7C4-A23B-4F69-BC26-733760CD5896} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2AEACDBE-8BCC-4237-8C0C-4DEEE4E9073D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2DB802E3-5E24-4269-8148-23CDEE5DB33D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A50841F-7B0F-4627-A884-A2CCB4309B29} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44786D61-30B5-4AAC-8082-5B53D6D37AB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-11] (AVAST Software)
Task: {453691B5-9C6E-4970-B1A9-D4AC75AE43C8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {498108EB-790A-4EB5-9FFD-8DA3C50E0E9E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6116EB57-9542-4F96-936A-1509FC617961} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {613F3566-4160-4604-B949-3849B9C50525} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {61E2EEFE-9EBD-4F82-9E1E-4B9ECA788DF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {6369D985-4FF2-4297-B22B-297D9EE171CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {66B1AD6C-E6FD-4B74-A56B-1C51DF783EF2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {744EB6A9-221E-40A5-B759-E6BD9659840A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B0C85B1-D264-48F9-A103-4A4DDFDD374B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {82BBFAC0-4D60-4AA2-98C6-4538123466F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e956e4af232b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {83DFE16E-ED52-4A29-B693-0B5E28D31413} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {91D5FD80-D6DE-48D5-8075-40AFE29CEB84} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-03] (AVAST Software)
Task: {99445FC7-A46D-4964-9D33-0A61D00BCCD5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {994DFEBE-5D24-46D1-A0FE-C7B017DB8851} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {99AE44F5-3EB2-486D-9282-596E6770E80E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A72E485B-CCCB-4FA9-BBDC-A6C3E97740B3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B4E8401E-6730-4D9A-A76E-7EBCBB371868} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {B6F9A936-1260-4623-AE66-CF7C2F977DA9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {B7C6DC95-19FD-46D6-BD76-DDBFCEF8EE21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {B8891CD3-4540-4694-BAC4-92B5689100ED} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8DACB05-5278-4009-AAA3-D07A9F85D8A5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BCAAC435-E1F7-4397-A6FF-4DD21F75827B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {BE392AE4-1ABF-4108-9EF2-57DF361E2D73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C080ED82-5330-46DE-9F90-D4B9CC35692C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {CC482B6B-115E-4E49-8842-333BAC8F8D34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {D04ED98D-E741-44C8-BFD3-A75B59B9D9D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {D48B11AD-C4EF-4CBC-952D-D7DDFE6D877F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7CF3C25-DB43-4C74-AE1D-9282FB906EFA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E93AD753-8BC7-4BF2-95AD-03BF3C057A24} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e956e4844a66 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F1A9BA23-01DA-4D3D-BDCA-768C5379191F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {F4581F10-2B58-4BDB-AE41-87E59B1293E9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCB7FA1B-DE42-4E4A-BB03-72F957502C59} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-11 22:29 - 2018-04-11 22:29 - 000364200 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-09 11:10 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\9275libfoxloader.dll
2018-09-06 22:02 - 2018-09-06 22:02 - 000131952 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2018-09-13 17:47 - 2018-08-31 05:08 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-08 12:30 - 2018-06-08 12:30 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-03 20:44 - 2018-09-03 20:44 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-09 11:09 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-09-09 11:09 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-08-30 15:38 - 2018-08-30 15:38 - 003197440 _____ () C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x86__8wekyb3d8bbwe\GameBar.exe
2018-07-10 21:28 - 2018-06-15 17:02 - 001075712 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2018-07-10 21:28 - 2018-06-15 17:42 - 000439040 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 001137904 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2018-09-07 20:45 - 000000813 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\Control Panel\Desktop\\Wallpaper -> c:\users\maruška\appdata\roaming\microsoft\windows photo viewer\tapeta programu windows prohlížeč fotografií.jpg
HKU\S-1-5-21-2347499873-1906944113-3954040329-1005\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2754B620-0ABD-4BC6-B42C-BBA2ED726E57}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{BDDEEE82-53A5-4DB1-8C09-1BB6E7D142FC}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe
FirewallRules: [UDP Query User{7B41B591-F330-4179-A452-7F21FD89B73A}C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe] => (Allow) C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe
FirewallRules: [TCP Query User{8AC13EF1-3E25-43D8-A7C6-8ABF6C33BDEE}C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe] => (Allow) C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe
FirewallRules: [{21AFB98B-2DD9-4580-9183-BEED5961DFE0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{AE595881-C54A-4814-A0A6-E74DCDEA7E1D}C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe] => (Allow) C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe
FirewallRules: [TCP Query User{23F9F5AB-F804-49F7-B2C3-B24647349FB0}C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe] => (Allow) C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe
FirewallRules: [{37254C01-2324-420E-A964-D52D5DD15697}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9823D2A0-DCB1-4105-8522-EA6E956342BE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3DBE646C-5F3E-4C50-BDA5-633E220449B7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8ABD73A8-100D-47C7-942F-9C8FFD977F65}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{AC3D7362-8030-4114-A8FF-FF7F87F9365C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CF26E1D1-2FED-49D2-8B64-BB4E7911CCD0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4618FCC7-6ABC-420D-BFBA-2919E7FFA1D8}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
==================== Restore Points =========================
08-09-2018 19:03:58 Naplánovaný kontrolní bod
11-09-2018 21:02:02 Windows Update
14-09-2018 20:07:56 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2018 11:16:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 10:16:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 09:16:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 08:17:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 08:11:15 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 08:09:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (09/11/2018 09:06:58 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/11/2018 09:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (09/15/2018 08:51:55 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:49:12 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:49:11 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:49:08 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:47:18 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/14/2018 08:59:26 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/14/2018 08:29:55 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/14/2018 08:24:21 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-09-06 21:58:47.218
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Downloads\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-06 21:58:07.744
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Downloads\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-06 21:57:57.721
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Downloads\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-06 21:55:37.629
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Desktop\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-09 07:17:12.514
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2018-09-08 20:29:25.944
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.275.948.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15200.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2018-09-07 20:20:23.094
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.
CodeIntegrity:
===================================
Date: 2018-09-14 20:42:54.822
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.661
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.437
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:51.464
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:50.094
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-5800K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 64%
Total physical RAM: 1998.99 MB
Available physical RAM: 701.82 MB
Total Virtual: 3470.99 MB
Available Virtual: 1684.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:204.54 GB) (Free:91.46 GB) NTFS
\\?\Volume{ef4bdd4e-3109-11e3-bce2-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{26b49777-0000-0000-0000-d02833000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 26B49777)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=204.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=726.4 GB) - (Type=06)
==================== End of Addition.txt ============================
Ran by Maruška (15-09-2018 20:54:31)
Running from C:\Users\Maruška\Desktop
Microsoft Windows 10 Home Version 1803 17134.285 (X86) (2018-05-27 16:14:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2347499873-1906944113-3954040329-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2347499873-1906944113-3954040329-503 - Limited - Disabled)
Guest (S-1-5-21-2347499873-1906944113-3954040329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2347499873-1906944113-3954040329-1004 - Limited - Enabled)
Maruška (S-1-5-21-2347499873-1906944113-3954040329-1000 - Administrator - Enabled) => C:\Users\Maruška
WDAGUtilityAccount (S-1-5-21-2347499873-1906944113-3954040329-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{5C085A19-B4A1-6686-0103-E9E6F7B2831A}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM\...\Cool's_Codec_pack_4.12) (Version: - )
Combined Community Codec Pack 2014-07-13 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
CrystalDiskInfo 7.7.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.7.0 - Crystal Dew World)
FormatFactory 3.7.5.0 (HKLM\...\FormatFactory) (Version: 3.7.5.0 - Free Time)
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
K-Lite Mega Codec Pack 10.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2018-09-06] ()
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2018-09-06] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-03] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0356FCC3-0FB1-4F80-8AED-95D3A0103261} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05643AE3-1CA3-4DBC-96A2-3DCAAE745FFC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0C239F0E-9E32-4397-8BE4-8E1892C6A524} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {192BBE1D-1FC3-469D-806F-9BBCD81F9E31} - System32\Tasks\S-1-5-21-2347499873-1906944113-3954040329-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {2966D7C4-A23B-4F69-BC26-733760CD5896} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2AEACDBE-8BCC-4237-8C0C-4DEEE4E9073D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2DB802E3-5E24-4269-8148-23CDEE5DB33D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A50841F-7B0F-4627-A884-A2CCB4309B29} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44786D61-30B5-4AAC-8082-5B53D6D37AB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-11] (AVAST Software)
Task: {453691B5-9C6E-4970-B1A9-D4AC75AE43C8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {498108EB-790A-4EB5-9FFD-8DA3C50E0E9E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6116EB57-9542-4F96-936A-1509FC617961} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {613F3566-4160-4604-B949-3849B9C50525} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {61E2EEFE-9EBD-4F82-9E1E-4B9ECA788DF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {6369D985-4FF2-4297-B22B-297D9EE171CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {66B1AD6C-E6FD-4B74-A56B-1C51DF783EF2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {744EB6A9-221E-40A5-B759-E6BD9659840A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B0C85B1-D264-48F9-A103-4A4DDFDD374B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {82BBFAC0-4D60-4AA2-98C6-4538123466F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e956e4af232b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {83DFE16E-ED52-4A29-B693-0B5E28D31413} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {91D5FD80-D6DE-48D5-8075-40AFE29CEB84} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-03] (AVAST Software)
Task: {99445FC7-A46D-4964-9D33-0A61D00BCCD5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {994DFEBE-5D24-46D1-A0FE-C7B017DB8851} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {99AE44F5-3EB2-486D-9282-596E6770E80E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A72E485B-CCCB-4FA9-BBDC-A6C3E97740B3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B4E8401E-6730-4D9A-A76E-7EBCBB371868} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {B6F9A936-1260-4623-AE66-CF7C2F977DA9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {B7C6DC95-19FD-46D6-BD76-DDBFCEF8EE21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {B8891CD3-4540-4694-BAC4-92B5689100ED} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8DACB05-5278-4009-AAA3-D07A9F85D8A5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BCAAC435-E1F7-4397-A6FF-4DD21F75827B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {BE392AE4-1ABF-4108-9EF2-57DF361E2D73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C080ED82-5330-46DE-9F90-D4B9CC35692C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {CC482B6B-115E-4E49-8842-333BAC8F8D34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-09-06] (Microsoft Corporation)
Task: {D04ED98D-E741-44C8-BFD3-A75B59B9D9D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {D48B11AD-C4EF-4CBC-952D-D7DDFE6D877F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7CF3C25-DB43-4C74-AE1D-9282FB906EFA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E93AD753-8BC7-4BF2-95AD-03BF3C057A24} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e956e4844a66 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F1A9BA23-01DA-4D3D-BDCA-768C5379191F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {F4581F10-2B58-4BDB-AE41-87E59B1293E9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCB7FA1B-DE42-4E4A-BB03-72F957502C59} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-11 22:29 - 2018-04-11 22:29 - 000364200 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-09 11:10 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\9275libfoxloader.dll
2018-09-06 22:02 - 2018-09-06 22:02 - 000131952 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2018-09-13 17:47 - 2018-08-31 05:08 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-08 12:30 - 2018-06-08 12:30 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-03 20:44 - 2018-09-03 20:44 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-09 11:09 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-09-09 11:09 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-08-30 15:38 - 2018-08-30 15:38 - 003197440 _____ () C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x86__8wekyb3d8bbwe\GameBar.exe
2018-07-10 21:28 - 2018-06-15 17:02 - 001075712 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2018-07-10 21:28 - 2018-06-15 17:42 - 000439040 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 001137904 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2018-09-07 20:45 - 000000813 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\Control Panel\Desktop\\Wallpaper -> c:\users\maruška\appdata\roaming\microsoft\windows photo viewer\tapeta programu windows prohlížeč fotografií.jpg
HKU\S-1-5-21-2347499873-1906944113-3954040329-1005\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2754B620-0ABD-4BC6-B42C-BBA2ED726E57}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{BDDEEE82-53A5-4DB1-8C09-1BB6E7D142FC}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe
FirewallRules: [UDP Query User{7B41B591-F330-4179-A452-7F21FD89B73A}C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe] => (Allow) C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe
FirewallRules: [TCP Query User{8AC13EF1-3E25-43D8-A7C6-8ABF6C33BDEE}C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe] => (Allow) C:\program files\nordic games\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe
FirewallRules: [{21AFB98B-2DD9-4580-9183-BEED5961DFE0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{AE595881-C54A-4814-A0A6-E74DCDEA7E1D}C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe] => (Allow) C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe
FirewallRules: [TCP Query User{23F9F5AB-F804-49F7-B2C3-B24647349FB0}C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe] => (Allow) C:\users\maruška\appdata\roaming\utorrent\updates\3.3.2_30303.exe
FirewallRules: [{37254C01-2324-420E-A964-D52D5DD15697}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9823D2A0-DCB1-4105-8522-EA6E956342BE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3DBE646C-5F3E-4C50-BDA5-633E220449B7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8ABD73A8-100D-47C7-942F-9C8FFD977F65}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{AC3D7362-8030-4114-A8FF-FF7F87F9365C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CF26E1D1-2FED-49D2-8B64-BB4E7911CCD0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4618FCC7-6ABC-420D-BFBA-2919E7FFA1D8}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
==================== Restore Points =========================
08-09-2018 19:03:58 Naplánovaný kontrolní bod
11-09-2018 21:02:02 Windows Update
14-09-2018 20:07:56 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2018 11:16:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 10:16:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 09:16:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 08:17:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 08:11:15 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/14/2018 08:09:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (09/11/2018 09:06:58 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/11/2018 09:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (09/15/2018 08:51:55 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:49:12 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:49:11 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:49:08 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/15/2018 08:47:18 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/14/2018 08:59:26 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/14/2018 08:29:55 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/14/2018 08:24:21 PM) (Source: DCOM) (EventID: 10016) (User: PC-AMD)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PC-AMD\Maruška (SID: S-1-5-21-2347499873-1906944113-3954040329-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-09-06 21:58:47.218
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Downloads\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-06 21:58:07.744
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Downloads\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-06 21:57:57.721
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Downloads\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-06 21:55:37.629
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Maruška\Desktop\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC-AMD\Maruška
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.275.852.0, AS: 1.275.852.0, NIS: 1.275.852.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-09 07:17:12.514
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2018-09-08 20:29:25.944
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.275.948.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15200.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2018-09-07 20:20:23.094
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.
CodeIntegrity:
===================================
Date: 2018-09-14 20:42:54.822
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.661
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.437
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:54.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:51.464
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-14 20:42:50.094
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-5800K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 64%
Total physical RAM: 1998.99 MB
Available physical RAM: 701.82 MB
Total Virtual: 3470.99 MB
Available Virtual: 1684.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:204.54 GB) (Free:91.46 GB) NTFS
\\?\Volume{ef4bdd4e-3109-11e3-bce2-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{26b49777-0000-0000-0000-d02833000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 26B49777)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=204.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=726.4 GB) - (Type=06)
==================== End of Addition.txt ============================
- jaro3
- member of the Security team
Re: Please check, and thank you
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
(You can use the "Select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)
Save it to the desktop as fixlist.txt.
Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
Start
CloseProcesses:
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Maruška\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Maruška\AppData\Roaming\7go.ico
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {82BBFAC0-4D60-4AA2-98C6-4538123466F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e956e4af232b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {99AE44F5-3EB2-486D-9282-596E6770E80E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C080ED82-5330-46DE-9F90-D4B9CC35692C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E93AD753-8BC7-4BF2-95AD-03BF3C057A24} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e956e4844a66 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Users\Maruška\AppData\Roaming\Seznam.cz\bin\9275libfoxloader.dll
EmptyTemp:
End
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check, and thank you
Fix result of Farbar Recovery Scan Tool (x86) Version: 15.09.2018
Ran by Maruška (17-09-2018 14:39:23) Run:1
Running from C:\Users\Maruška\Desktop
Loaded Profiles: Maruška & (Available Profiles: Maruška)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Maru�ka\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Maru�ka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2347499873-1906944113-3954040329-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Maru�ka\AppData\Roaming\7go.ico
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {82BBFAC0-4D60-4AA2-98C6-4538123466F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e956e4af232b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {99AE44F5-3EB2-486D-9282-596E6770E80E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C080ED82-5330-46DE-9F90-D4B9CC35692C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E93AD753-8BC7-4BF2-95AD-03BF3C057A24} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e956e4844a66 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Users\Maru�ka\AppData\Roaming\Seznam.cz\bin\9275libfoxloader.dll
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => removed successfully.
"HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => removed successfully.
"HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => removed successfully.
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
"HKLM\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => removed successfully.
"HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig" => removed successfully.
"HKU\S-1-5-21-2347499873-1906944113-3954040329-1000\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak" => removed successfully.
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully.
idsvc => service removed successfully.
"HKLM\System\CurrentControlSet\Services\wpcsvc" => removed successfully.
wpcsvc => service removed successfully.
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
"C:\Users\Maru�ka\AppData\Roaming\7go.ico" => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++" => removed successfully.
HKLM\Software\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82BBFAC0-4D60-4AA2-98C6-4538123466F3}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82BBFAC0-4D60-4AA2-98C6-4538123466F3}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1e956e4af232b => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d1e956e4af232b" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99AE44F5-3EB2-486D-9282-596E6770E80E}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99AE44F5-3EB2-486D-9282-596E6770E80E}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C080ED82-5330-46DE-9F90-D4B9CC35692C}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C080ED82-5330-46DE-9F90-D4B9CC35692C}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E93AD753-8BC7-4BF2-95AD-03BF3C057A24}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E93AD753-8BC7-4BF2-95AD-03BF3C057A24}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1e956e4844a66 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d1e956e4844a66" => removed successfully.
"C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job" => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\Users\Maru�ka\AppData\Roaming\Seznam.cz\bin\9275libfoxloader.dll" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 117247423 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 21888 B
Edge => 3584 B
Chrome => 183577737 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 17136 B
Maruška => 31731776 B
UpdatusUser.PC-AMD => 0 B
RecycleBin => 3944596 B
EmptyTemp: => 331 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:40:23 ====